https://community.hpe.com/t5/hpe-aruba-networking-provision/configuration-change-logging/m-p/6842619#M9652 <P>Hi,</P><P>I have done some more investigation and I can only run the following command syslog is not supported on my 2910al:</P><P>aaa accounting commands stop-only radius</P><P>The switch send the accounting to the microsoft NPS server and In the logfile I see this:</P><P>&lt;Vendor-Specific data_type="2"&gt;0000000B020C73686F7720766C616E73&lt;/Vendor-Specific&gt;</P><P>The above when translated from hexadecimal to "Show vlans" which was the command I issued. How do I get the NPS to convert this from Hexadecimal to string?</P> Thu, 17 Mar 2016 14:22:06 GMT Fleischen 2016-03-17T14:22:06Z https://community.hpe.com/t5/hpe-aruba-networking-provision/configuration-change-logging/m-p/6842244#M9639 <P>Hello,</P><P>How do I comply with PCI DSS requirement 10.2.2 when using a Procurve switch?<BR />(<A href="https://www.pcisecuritystandards.org/documents/PCI_DSS_v3.pdf)" target="_blank">https://www.pcisecuritystandards.org/documents/PCI_DSS_v3.pdf)</A></P><P>The core of this requirment is that all changes done on the switch must be logged. Using "logging notify running-config-change" only notifies that a change has been made not what was changed. And also send it to a syslog server.</P><P>On a cisco switch it is quite easy:</P><P>(<A href="http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960/software/release/12-2_55_se/configuration/guide/scg_2960/swlog.html)" target="_blank">http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst2960/software/release/12-2_55_se/configuration/guide/scg_2960/swlog.html)</A> Chapter "Enabling the Configuration-Change Logger"</P><P>How do I do it on a procurve switch?</P><P>Thanks!</P> Wed, 16 Mar 2016 19:19:24 GMT https://community.hpe.com/t5/hpe-aruba-networking-provision/configuration-change-logging/m-p/6842244#M9639 Fleischen 2016-03-16T19:19:24Z https://community.hpe.com/t5/hpe-aruba-networking-provision/configuration-change-logging/m-p/6842245#M9640 <P>This is what I did to meet that requirement for a customer. &nbsp;They are using IMC for management, so that is the IP address used.</P><P>config t<BR />logging <EM>&lt;log-host-ip&gt;</EM><BR />logging facility syslog<BR />logging notify running-config-change transmission-interval 10<BR />aaa accounting exec start-stop syslog<BR />aaa accounting commands stop-only syslog<BR />end</P><P>Dave</P> Wed, 16 Mar 2016 19:22:55 GMT https://community.hpe.com/t5/hpe-aruba-networking-provision/configuration-change-logging/m-p/6842245#M9640 Dave Harrold 2016-03-16T19:22:55Z https://community.hpe.com/t5/hpe-aruba-networking-provision/configuration-change-logging/m-p/6842619#M9652 <P>Hi,</P><P>I have done some more investigation and I can only run the following command syslog is not supported on my 2910al:</P><P>aaa accounting commands stop-only radius</P><P>The switch send the accounting to the microsoft NPS server and In the logfile I see this:</P><P>&lt;Vendor-Specific data_type="2"&gt;0000000B020C73686F7720766C616E73&lt;/Vendor-Specific&gt;</P><P>The above when translated from hexadecimal to "Show vlans" which was the command I issued. How do I get the NPS to convert this from Hexadecimal to string?</P> Thu, 17 Mar 2016 14:22:06 GMT https://community.hpe.com/t5/hpe-aruba-networking-provision/configuration-change-logging/m-p/6842619#M9652 Fleischen 2016-03-17T14:22:06Z https://community.hpe.com/t5/hpe-aruba-networking-provision/configuration-change-logging/m-p/6845778#M9712 <P>2910al does support "logging notify running...", you may need to upgrade firmware to the latest available (I'm using W.15.14.0011).</P><P>Regarding NPS and hex to string, you'd probably need to use a platform that supports the vendor specific attribute described. I'd assume that would be a HPE product, like IMC. Unfortunely I don't use that, so I can't check...</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Tue, 29 Mar 2016 03:26:04 GMT https://community.hpe.com/t5/hpe-aruba-networking-provision/configuration-change-logging/m-p/6845778#M9712 Stephen A Swain 2016-03-29T03:26:04Z