Using the Cisco IOS Archive Command

by Tony Mattke on June 7, 2010



The Cisco IOS archive command is not only very useful for keeping configuration archives, but it can also be used to log the commands entered into the router, along with the user name of whoever entered them. As with most technologies, the options can be rather extensive, so we will just be covering the basics here.

Configuration Archive

In IOS 12.3, Cisco introduced the archive and archive config commands. At a bare minimum, you can start archiving configs with a 2 line setup! Here we've simply defined an archive path and manually told the router to make two archives of the configuration using the archive config command.

Router#conf t
Router(config)# archive
Router(config-archive)#?
Archive configuration commands:
  default       Set a command to its defaults
  exit          Exit from archive configuration mode
  log           Logging commands
  maximum       Maximum number of backup copies
  no            Negate a command or set its defaults
  path          Path for backups
  rollback      Rollback parameters
  time-period   Period of time in minutes to automatically archive the running-config
  write-memory  Enable automatic backup generation during write memory

Router(config-archive)# path flash:backup_config
Router(config-archive)#^Z
Router# archive config
Router#
Router# archive config
Router#
Router# show archive
There are currently 3 archive configurations saved.
The next archive file will be named flash:mybackup-3
 Archive #  Name
   0
   1       flash:backup_config-1
   2       flash:backup_config-2 <- Most Recent
   3
   4
...

It would be a much better idea to keep your configuration archive off the router in case of flash failure. Most common protocols are supported (TFTP, FTP, HTTP, RCP).

You can view your archived configurations with the show archive config command, using either the differences or the incremental-diffs argument.

Router# show archive config ?

  differences              Display the differences between two config files
  incremental-diffs        Display lines in config file which will be added to running-config

Other archive configuration options include:

  • maximum - Set a maximum number of backup copies
  • time-period - Automagically archive your configuration at set time intervals
  • write-memory - Automagically archive your configuration when you do a wr mem

Logging CLI Commands

Configuration command logging can be used to maintain a log of configuration changes. Commands with syntax errors or partial commands that invoke the help system are not logged. For each configuration command that is executed, the following information is logged:

  • The command that was executed
  • The configuration mode in which the command was executed
  • The name of the user that executed the command
  • The time at which the command was executed
  • A configuration change sequence number
  • Parser return codes for the command

Here is a sample configuration.

Router#conf t
Router(config)#archive
Router(config-archive)#log config
Router(config-archive-log-cfg)#?
commands for controlling config logging:
  default   Set a command to its defaults
  exit      Exit from the log config submode
  hidekeys  suppress output (e.g. passwords) when displaying logged commands
  logging   Modify config logging parameters
  no        Negate a command or set its defaults
  notify    Send logged commands to target applications
  record    What to record in the config logger

Router(config-archive-log-cfg)#logging enable
Router(config-archive-log-cfg)#logging size 500
Router(config-archive-log-cfg)#hidekeys

To view your configuration log, run show archive log config all. You can also filter by user, or by user and session number.

Router#show archive log config all
 idx   sess           user@line      Logged command
    1     1          tonhe@vty1     |  logging enable
    2     1          tonhe@vty1     |  logging size 500
    3     1          tonhe@vty1     |  hidekeys
    4     0          tonhe@vty0     |!exec: enable
    5     2          tonhe@vty0     |interface l0
    6     2          tonhe@vty0     | no ip address
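
For change review, the log output above can be parsed and grouped by user and session. The Python below is an added example, not part of the original post; the function names are hypothetical, and it assumes the leading spaces after the | reflect sub-mode nesting, as the sample output suggests.

```python
import re
from collections import defaultdict
# One row of `show archive log config all`: idx, sess, user@line, |command
ROW = re.compile(r"^\s*(\d+)\s+(\d+)\s+(\S+)@(\S+)\s+\|(.*)$")
# Sample input: the six rows shown in the article's output above.
SAMPLE = """\
 idx   sess           user@line      Logged command
    1     1          tonhe@vty1     |  logging enable
    2     1          tonhe@vty1     |  logging size 500
    3     1          tonhe@vty1     |  hidekeys
    4     0          tonhe@vty0     |!exec: enable
    5     2          tonhe@vty0     |interface l0
    6     2          tonhe@vty0     | no ip address
"""

def parse(text):
    """Parse logged rows and attach each command's parent mode command."""
    rows, stacks = [], defaultdict(list)  # stacks: sess -> [(depth, command)]
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # header or blank line
        idx, sess, user, tty, raw = m.groups()
        cmd = raw.strip()
        row = {"idx": int(idx), "sess": int(sess), "user": user, "line": tty,
               "command": cmd, "exec": cmd.startswith("!exec:"), "parent": None}
        if not row["exec"]:
            # Assumption: leading spaces after '|' give the sub-mode depth.
            depth = len(raw) - len(raw.lstrip())
            stack = stacks[row["sess"]]
            while stack and stack[-1][0] >= depth:
                stack.pop()
            row["parent"] = stack[-1][1] if stack else None
            stack.append((depth, cmd))
        rows.append(row)
    return rows

def summarize(rows):
    """Group configuration changes by (user, session) for review."""
    out = defaultdict(list)
    for r in rows:
        if not r["exec"]:
            out[(r["user"], r["sess"])].append(
                f'{r["parent"]} > {r["command"]}' if r["parent"] else r["command"])
    return dict(out)

if __name__ == "__main__":
    for (user, sess), cmds in summarize(parse(SAMPLE)).items():
        print(f"{user} session {sess}: {cmds}")
```

Exec-level entries (the !exec: rows) are parsed but left out of the summary, since they are not configuration changes.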

Conclusion

For those of us who worry about what happens to our network when we're not around, these tools could be more than invaluable. They could certainly provide us with the peace of mind that some of us need. As usual, if you have any questions or comments, please leave them below and I'll do my best to get back to you as soon as possible.

Who writes this crap?

Tony Mattke is a network engineer for a financial institution in Indiana. In the past he has worked for ISPs, data centers, networking manufacturers, and the occasional enterprise. For feedback, please leave a comment on the article in question. For everything else including fan mail or death threats, contact him via Twitter.


Geoff June 22, 2010 at 7:46 am

So this enables a rotating log of specified number of entered commands? Is there any sense of how much memory this takes in flash, say, logging 1000 commands versus 10000? Great post.


Derek January 9, 2012 at 10:28 am

Tony, thanks so much for this very helpful post. I have been playing around with the archive command and love it thus far. I am archiving the configs to a TFTP server. My only problem is that the files are saved w/o any line breaks. The entire config is just one big block. Does anyone know how to fix this?

TIA, :D
