I needed a way to track if someone logged into the switches and made changes – when they made the changes and who did it

First – I set up a logging server on Linux

Then I added the following to the configuration

set system syslog host 10.0.40.2 authorization info
set system syslog host 10.0.40.2 conflict-log any
set system syslog host 10.0.40.2 change-log any
set system syslog host 10.0.40.2 facility-override local6

where 10.0.40.2 is my logging server. local6 is to log everything to the local6 log on the logging server. Adjust this as you see fit.

then I created a separate login for each person that was authorized to make changes to the switches

set system login user USERNAME class super-user
set system login user USERNAME authentication plain-text-password

You will be prompted to then type in a password for USERNAME. Repeat for each user that needs access.

Now you can keep track of who screws things up!!!