Putty is a widely used, free, tool to SSH/Telnet/Console/etc into a network device. I can’t recall how many times I’ve burned myself because I fat-fingered the keyboard and then lost my connection to the network device or misconfigured an interface and not realize it for a couple of days. Or what if you wanted to remember what you did a couple of months ago on a switch?
Putty allows you to log each of your sessions. It has saved my bacon so many times.
Here’s how to configure it. First, highlight the Default Settings:
Then on the left pane, click on Logging under Session.
Under the Session Logging section, select “All session output”
For the log file name, use this structure: &H-&Y&M&D-&T.log
&H – This will append the hostname of the device to the front of the file. I add a dash after this to separate it from the dates.
&Y&M&D – This adds the year, month, and day. Add a dash afterwards to separate it from the time.
&T – This adds the time you logged into the device. Because you may log into the same device multiple times per day, this is a good way to log each session separately.
Click on browse to save it to a specific location. Your log file will then look like: 192.168.1.1-20131024-075505.log
Now go back to the Session window, click on Default Settings, and click Save. So next time you open Putty or create a new saved session, it will create the log file.
Let’s see it in action. I’m going to create a new saved session for the ATT Looking Glass route server:
Let’s take a look at Google’s BGP routes
Here is the contents of that log:
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2013.10.24 07:58:42 =~=~=~=~=~=~=~=~=~=~=~= -------------- route-server.ip.att.net --------------- --------- AT&T IP Services Route Monitor ----------- The information available through route-server.ip.att.net is offered by AT&T's Internet engineering organization to the Internet community. This router maintains eBGP peerings with customer-facing routers throughout the AT&T IP Services Backbone: IPv4: 188.8.131.52 Atlanta 184.108.40.206 Austin 220.127.116.11 Cambridge 18.104.22.168 Chicago 22.214.171.124 Dallas 126.96.36.199 Detroit 188.8.131.52 Denver 184.108.40.206 Houston 220.127.116.11 LA 18.104.22.168 New York 22.214.171.124 Orlando 126.96.36.199 Philly 188.8.131.52 Phoenix 184.108.40.206 SanDiego 220.127.116.11 SanFran 18.104.22.168 St.Louis 22.214.171.124 Seattle 126.96.36.199 WashDC IPv6: 2001:1890:FF:FFFF:12:122:124:12 Atlanta 2001:1890:FF:FFFF:12:122:127:66 Chicago 2001:1890:FF:FFFF:12:122:124:138 Dallas 2001:1890:FF:FFFF:12:122:120:7 Fort Lauderdale 2001:1890:FF:FFFF:12:122:125:6 Los Angeles 2001:1890:FF:FFFF:12:122:125:44 New York 2001:1890:FF:FFFF:12:122:125:106 Philadelphia 2001:1890:FF:FFFF:12:122:125:132 Phoenix 2001:1890:FF:FFFF:12:122:126:232 San Francisco 2001:1890:FF:FFFF:12:122:125:224 Seattle 2001:1890:FF:FFFF:12:122:126:9 St. Louis 2001:1890:FF:FFFF:12:122:126:64 Washington *** Please Note: Ping and traceroute delay figures measured here are unreliable, due to the high CPU load experienced when complicated show commands are running. For questions about this route-server, send email to: firstname.lastname@example.org *** Log in with username 'rviews', password 'rviews' *** route-server.ip.att.net (ttyp5) login: rviews Password: --- JUNOS 12.1R3-S4 built 2013-03-24 11:22:31 UTC email@example.com> show route www.google.com inet.0: 462505 destinations, 6937311 routes (462505 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 188.8.131.52/24 *[BGP/170] 3w2d 17:29:34, localpref 100, from 184.108.40.206 AS path: 7018 15169 I > to 220.127.116.11 via em0.0 [BGP/170] 2w3d 09:11:13, localpref 100, from 18.104.22.168 AS path: 7018 15169 I > to 22.214.171.124 via em0.0 [BGP/170] 7w5d 19:42:12, localpref 100, from 126.96.36.199 AS path: 7018 15169 I > to 188.8.131.52 via em0.0 [BGP/170] 7w5d 19:42:22, localpref 100, from 184.108.40.206 AS path: 7018 15169 I > to 220.127.116.11 via em0.0 [BGP/170] 2w0d 04:42:59, localpref 100, from 18.104.22.168 AS path: 7018 15169 I > to 22.214.171.124 via em0.0 [BGP/170] 7w5d 19:42:13, localpref 100, from 126.96.36.199 AS path: 7018 15169 I > to 188.8.131.52 via em0.0 ---(more)--- firstname.lastname@example.org> exit
From the text above, you can actually see my input. You won’t be able to see the passwords but you can see every other command that is typed in by me.
Note: For your previously created sessions, you will have to select it, then click Load, and modify the Logging settings to create a log for those sessions.