Putty is a widely used, free, tool to SSH/Telnet/Console/etc into a network device. I can’t recall how many times I’ve burned myself because I fat-fingered the keyboard and then lost my connection to the network device or misconfigured an interface and not realize it for a couple of days. Or what if you wanted to remember what you did a couple of months ago on a switch?
Putty allows you to log each of your sessions. It has saved my bacon so many times.
Here’s how to configure it. First, highlight the Default Settings:
Then on the left pane, click on Logging under Session.
Under the Session Logging section, select “All session output”
For the log file name, use this structure: &H-&Y&M&D-&T.log
&H – This will append the hostname of the device to the front of the file. I add a dash after this to separate it from the dates.
&Y&M&D – This adds the year, month, and day. Add a dash afterwards to separate it from the time.
&T – This adds the time you logged into the device. Because you may log into the same device multiple times per day, this is a good way to log each session separately.
Click on browse to save it to a specific location. Your log file will then look like: 192.168.1.1-20131024-075505.log
Now go back to the Session window, click on Default Settings, and click Save. So next time you open Putty or create a new saved session, it will create the log file.
Let’s see it in action. I’m going to create a new saved session for the ATT Looking Glass route server:
Let’s take a look at Google’s BGP routes
Here is the contents of that log:
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2013.10.24 07:58:42 =~=~=~=~=~=~=~=~=~=~=~= -------------- route-server.ip.att.net --------------- --------- AT&T IP Services Route Monitor ----------- The information available through route-server.ip.att.net is offered by AT&T's Internet engineering organization to the Internet community. This router maintains eBGP peerings with customer-facing routers throughout the AT&T IP Services Backbone: IPv4: 184.108.40.206 Atlanta 220.127.116.11 Austin 18.104.22.168 Cambridge 22.214.171.124 Chicago 126.96.36.199 Dallas 188.8.131.52 Detroit 184.108.40.206 Denver 220.127.116.11 Houston 18.104.22.168 LA 22.214.171.124 New York 126.96.36.199 Orlando 188.8.131.52 Philly 184.108.40.206 Phoenix 220.127.116.11 SanDiego 18.104.22.168 SanFran 22.214.171.124 St.Louis 126.96.36.199 Seattle 188.8.131.52 WashDC IPv6: 2001:1890:FF:FFFF:12:122:124:12 Atlanta 2001:1890:FF:FFFF:12:122:127:66 Chicago 2001:1890:FF:FFFF:12:122:124:138 Dallas 2001:1890:FF:FFFF:12:122:120:7 Fort Lauderdale 2001:1890:FF:FFFF:12:122:125:6 Los Angeles 2001:1890:FF:FFFF:12:122:125:44 New York 2001:1890:FF:FFFF:12:122:125:106 Philadelphia 2001:1890:FF:FFFF:12:122:125:132 Phoenix 2001:1890:FF:FFFF:12:122:126:232 San Francisco 2001:1890:FF:FFFF:12:122:125:224 Seattle 2001:1890:FF:FFFF:12:122:126:9 St. Louis 2001:1890:FF:FFFF:12:122:126:64 Washington *** Please Note: Ping and traceroute delay figures measured here are unreliable, due to the high CPU load experienced when complicated show commands are running. For questions about this route-server, send email to: email@example.com *** Log in with username 'rviews', password 'rviews' *** route-server.ip.att.net (ttyp5) login: rviews Password: --- JUNOS 12.1R3-S4 built 2013-03-24 11:22:31 UTC firstname.lastname@example.org> show route www.google.com inet.0: 462505 destinations, 6937311 routes (462505 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 184.108.40.206/24 *[BGP/170] 3w2d 17:29:34, localpref 100, from 220.127.116.11 AS path: 7018 15169 I > to 18.104.22.168 via em0.0 [BGP/170] 2w3d 09:11:13, localpref 100, from 22.214.171.124 AS path: 7018 15169 I > to 126.96.36.199 via em0.0 [BGP/170] 7w5d 19:42:12, localpref 100, from 188.8.131.52 AS path: 7018 15169 I > to 184.108.40.206 via em0.0 [BGP/170] 7w5d 19:42:22, localpref 100, from 220.127.116.11 AS path: 7018 15169 I > to 18.104.22.168 via em0.0 [BGP/170] 2w0d 04:42:59, localpref 100, from 22.214.171.124 AS path: 7018 15169 I > to 126.96.36.199 via em0.0 [BGP/170] 7w5d 19:42:13, localpref 100, from 188.8.131.52 AS path: 7018 15169 I > to 184.108.40.206 via em0.0 ---(more)--- email@example.com> exit
From the text above, you can actually see my input. You won’t be able to see the passwords but you can see every other command that is typed in by me.
Note: For your previously created sessions, you will have to select it, then click Load, and modify the Logging settings to create a log for those sessions.