For the month of May, I am doing a guest blog on CISCO Subnet. I will be discussing various topics around data visualization. You should stop by and check it out. If you have any topics that you are interseted in, let me know as well.
May 4, 2009
CISCO Subnet Blogging in May
November 30, 2008
CISCO Router Forensics
I just came across this list of command to capture the state of a CISCO router. I wanted to capture this and maybe inspire someone to build an application for Splunk. It would be interesting to build a set of expect scripts that go out and capture this information in Splunk. You can then use the information for forensics, but also for change management. By building alerts you could even alert on unauthorized or potentially malicious changes. If you are interested in building an application, let me know. I’ be happy to help.
show clock detail show version show running-config show startup-config show reload show users show who show log show debug show stack show context show tech-support show processes show processes cpu show processes memory content of bootflash show ip route show ip ospf show ip ospf summary show ip ospf neighbors show ip bgp summary show cdp neighbors show ip arp show interfaces show ip interfaces show tcp brief all show ip sockets show ip nat translations verbose show ip cache flow show ip cef show snmp show snmp user show snmp group show snmp sessions show file descriptors