I needed a way to track if someone logged into the switches and made changes – when they made the changes and who did it
First – I set up a logging server on Linux
Then I added the following to the configuration
set system syslog host 10.0.40.2 authorization info
set system syslog host 10.0.40.2 conflict-log any
set system syslog host 10.0.40.2 change-log any
set system syslog host 10.0.40.2 facility-override local6
where 10.0.40.2 is my logging server. local6 is to log everything to the local6 log on the logging server. Adjust this as you see fit.
then I created a separate login for each person that was authorized to make changes to the switches
set system login user USERNAME class super-user
set system login user USERNAME authentication plain-text-password
You will be prompted to then type in a password for USERNAME. Repeat for each user that needs access.
Now you can keep track of who screws things up!!!