On the journey to CCNA Security (210-260)
- Option 1: Try to login
- Option 2: Do not login for 45 days…. because you forgot you had an ISE lab running
- Double or nothing: Do not login for 45 days because you forgot the password scribbled somewhere on your labnotes
- Protip: The admin password can vary for the cli and web gui, however, this can be a double edged sword – also might want to change the default password expiry
Because sometimes a root cause analysis is overkill….
Correlating Log files are an important aspect when responding to incidents/attacks/outages regarding your Cisco devices.
However I have noticed for a while that my logging timestamps are off an hour from the actual clock synced by NTP.
After some digging I realized that Cisco devices use
service timestamps log datetime
as a default. You can check the default values using the command:
sh run all | inc timestamp
In order for your logs to use the local clock time you need to issue the command
device(config)# service timestamp log datetime localtime
From now on, your logging timestamp should be identical to your local time on the device.
Good news everyone:
Would you like to know more?