3

I'm searching for a way to log every command executed on a Cisco switch/router. I have a Catalyst 2960S with a LAN Base image and a Catalyst 4500E with an IP Base image.

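I've found a way to log commands executed in config mode with the following configuration:

    archive
     log config
      ! turn on the configuration change log and keep up to 100 entries
      logging enable
      logging size 100
      ! send each logged config command to syslog, masking passwords and keys
      notify syslog
      hidekeys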

But I want to log every command, including show version for example. Any ideas?

Ammar Lakis

1 Answer

2

I'm not sure there is a way to log the "show" commands themselves into an archive.

You can go beyond logging config mode changes by using TACACS+ accounting features (an example with the ASA firewall is shown below, but the same concept applies to switches/routers):

http://www.cisco.com/c/en/us/td/docs/security/asa/asa72/command/reference/cmd_ref/a1_72.html

To send accounting messages to the TACACS+ accounting server when you enter any command other than show commands at the CLI, use the aaa accounting command command in global configuration mode.

However, it looks like this CCIE has a workaround if you don't use TACACS+: http://blog.ipspace.net/2006/11/cli-command-logging-without-tacacs.html -- but the caveat is that you would end up with an "echo" if you leave console logging enabled.

TheCleaner
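
An IOS-side sketch of the two approaches the answer points to, added here as an example and not taken from the answer or the pages it links. The server address 192.0.2.10, the shared key and the applet name CLI-LOG are placeholders; accounting at privilege levels 1 and 15 is an assumption chosen so that user-EXEC commands such as show version are recorded as well as privileged ones, and the applet assumes an image with EEM support.

```cisco
! --- Option 1: per-command accounting to a TACACS+ server ---
! Caution: "aaa new-model" moves line logins to AAA method lists, so make
! sure a working login method (e.g. a local user) exists before applying.
aaa new-model
tacacs-server host 192.0.2.10
tacacs-server key <SHARED-KEY-PLACEHOLDER>
!
! Record session start/stop so each command can be tied to a login.
aaa accounting exec default start-stop group tacacs+
!
! Command accounting is configured per privilege level.
! Level 1 covers user-EXEC commands such as "show version";
! level 15 covers privileged EXEC and configuration commands.
! Add further levels if custom privilege levels are in use.
aaa accounting commands 1 default start-stop group tacacs+
aaa accounting commands 15 default start-stop group tacacs+
!
! --- Option 2 (no TACACS+): log every CLI command to syslog via EEM ---
! Matches any command line and writes it to syslog without blocking it.
event manager applet CLI-LOG
 event cli pattern ".*" sync no skip no
 action 1.0 syslog priority informational msg "$_cli_msg"
!
! Avoids the console "echo" caveat from the answer: with console logging
! on, every typed command would be printed back as a syslog message.
no logging console
```

With option 1 the record lives on the accounting server rather than on the device, so it survives a reload or a local log clear; with option 2 the messages should be forwarded to a remote syslog host for the same reason.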