Controller Based WLANs

How to see commands that were executed in both enable mode and in configuration mode?

Aruba Employee

This is applicable for MAS and for Controllers Only


When we need to see the "show commands" that were executed from the enable mode, it would not show by default.

However,  after enabling "audit-trail all", we can get to see the "show commands" that were exected as well

In order to see the commands that were executed in both enable mode and in configuration mode, we need to enable the command "audit-trail all" 

(Host) (config) #audit-trail all
(Host) (config) #


(Host) #show ap database

AP Database
Name               Group    AP Type  IP Address     Status          Flags  Switch IP      Standby IP
----               -----    -------  ----------     ------          -----  ---------      ----------
ac:a3:1e:c5:65:5a  default  214  Up 21h:27m:22s

Flags: U = Unprovisioned; N = Duplicate name; G = No such group; L = Unlicensed
       I = Inactive; D = Dirty or no config; E = Regulatory Domain Mismatch
       X = Maintenance Mode; P = PPPoE AP; B = Built-in AP; s = LACP striping
       R = Remote AP; R- = Remote AP requires Auth; C = Cellular RAP;
       c = CERT-based RAP; 1 = 802.1x authenticated AP; 2 = Using IKE version 2
       u = Custom-Cert RAP; S = Standby-mode AP; J = USB cert at AP
       i = Indoor; o = Outdoor
       M = Mesh node; Y = Mesh Recovery

Total APs:5

(Host) #
(Host) #show  user-table 

    IP           MAC       Name   Role  Age(d:h:m)  Auth  VPN link  AP name  Roaming  Essid/Bssid/Phy  Profile  Forward mode  Type  Host Name
----------  ------------  ------  ----  ----------  ----  --------  -------  -------  ---------------  -------  ------------  ----  ---------

User Entries: 0/0
Curr/Cum Alloc:0/0 Free:0/0 Dyn:0 AllocErr:0 FreeErr:0

(Host) #show  ap active 

Active AP Table
Name               Group    IP Address     11g Clients  11g Ch/EIRP/MaxEIRP  11a Clients  11a Ch/EIRP/MaxEIRP  AP Type  Flags  Uptime       Outer IP
----               -----    ----------     -----------  -------------------  -----------  -------------------  -------  -----  ------       --------
ac:a3:1e:c5:65:5a  default  0            AP:HT:11/22/22       0            AP:VHT:36+/21/21     214      a      21h:27m:35s  N/A

Flags: 1 = 802.1x authenticated AP; 2 = Using IKE version 2;
       A = Enet1 in active/standby mode;  B = Battery Boost On; C = Cellular;
       D = Disconn. Extra Calls On; E = Wired AP enabled; F = AP failed 802.1x authentication;
       H = Hotspot Enabled; K = 802.11K Enabled; L = Client Balancing Enabled; M = Mesh;
       N = 802.11b protection disabled; P = PPPOE; R = Remote AP;
       S = AP connected as standby; X = Maintenance Mode;
       a = Reduce ARP packets in the air; d = Drop Mcast/Bcast On; u = Custom-Cert RAP;
       i = Provisioned as Indoor; o = Provisioned as Outdoor;
       r = 802.11r Enabled
       Q = DFS CAC timer running

Channel followed by "*" indicates channel selected due to unsupported configured channel.
"Spectrum" followed by "^" indicates Local Spectrum Override in effect.

Num APs:1

In the above example, we executed the commands,
"show ap database"
"show user-table"
"show ap active"

(Host) #show  audit-trail 3

Feb 26 10:13:31  cli[3591]: USER:admin@ COMMAND:<show ap database > -- command executed successfully
Feb 26 10:13:37  cli[3591]: USER:admin@ COMMAND:<show user-table > -- command executed successfully
Feb 26 10:13:43  cli[3591]: USER:admin@ COMMAND:<show ap active > -- command executed successfully 

(Host) #

To verify if enabled, we can check the running-config

(Host) (config) #show  running-config |  include  audit 
Building Configuration...
audit-trai all
Version history
Revision #:
2 of 2
Last update:
‎05-18-2016 01:37 PM
Updated by:
Labels (1)
Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.