I am trying to find a good way to monitor any changes to configuration in my enviornment.
Ideally, I'd like to see the engineer that made the change and the commands they ran.
I understand I can run a "show audit-trail" to see this information, but I work on a large scale and would like an automated method.
Is logging all to a syslog server the only way to gain this information? (i.e. logging x.x.x.x)
Is there a Radius functionality with Clearpass that allows me to see commands run in the authentication window? (Would I have to move to TACACS+?)
Is airwave a good way to do this? I know I can monitor config, but will it notify me of who/when a change has occured, or just that a change has occured?
I should mention we run 6.5.x code currently.