Putty is a widely used, free, tool to SSH/Telnet/Console/etc into a network device. I can’t recall how many times I’ve burned myself because I fat-fingered the keyboard and then lost my connection to the network device or misconfigured an interface and not realize it for a couple of days. Or what if you wanted to remember what you did a couple of months ago on a switch?
Putty allows you to log each of your sessions. It has saved my bacon so many times.
Here’s how to configure it. First, highlight the Default Settings:
Then on the left pane, click on Logging under Session.
Under the Session Logging section, select “All session output”
For the log file name, use this structure: &H-&Y&M&D-&T.log
&H – This will append the hostname of the device to the front of the file. I add a dash after this to separate it from the dates.
&Y&M&D – This adds the year, month, and day. Add a dash afterwards to separate it from the time.
&T – This adds the time you logged into the device. Because you may log into the same device multiple times per day, this is a good way to log each session separately.
Click on browse to save it to a specific location. Your log file will then look like: 192.168.1.1-20131024-075505.log
Simple!
Now go back to the Session window, click on Default Settings, and click Save. So next time you open Putty or create a new saved session, it will create the log file.
Let’s see it in action. I’m going to create a new saved session for the ATT Looking Glass route server:
Let’s take a look at Google’s BGP routes
Here is the contents of that log:
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2013.10.24 07:58:42 =~=~=~=~=~=~=~=~=~=~=~= -------------- route-server.ip.att.net --------------- --------- AT&T IP Services Route Monitor ----------- The information available through route-server.ip.att.net is offered by AT&T's Internet engineering organization to the Internet community. This router maintains eBGP peerings with customer-facing routers throughout the AT&T IP Services Backbone: IPv4: 12.123.21.243 Atlanta 12.123.133.124 Austin 12.123.41.250 Cambridge 12.123.5.240 Chicago 12.123.17.244 Dallas 12.123.139.124 Detroit 12.122.83.238 Denver 12.123.134.124 Houston 12.123.29.249 LA 12.123.1.236 New York 12.123.33.249 Orlando 12.123.137.124 Philly 12.123.142.124 Phoenix 12.123.145.124 SanDiego 12.123.13.241 SanFran 12.123.25.245 St.Louis 12.122.125.224 Seattle 12.123.9.241 WashDC IPv6: 2001:1890:FF:FFFF:12:122:124:12 Atlanta 2001:1890:FF:FFFF:12:122:127:66 Chicago 2001:1890:FF:FFFF:12:122:124:138 Dallas 2001:1890:FF:FFFF:12:122:120:7 Fort Lauderdale 2001:1890:FF:FFFF:12:122:125:6 Los Angeles 2001:1890:FF:FFFF:12:122:125:44 New York 2001:1890:FF:FFFF:12:122:125:106 Philadelphia 2001:1890:FF:FFFF:12:122:125:132 Phoenix 2001:1890:FF:FFFF:12:122:126:232 San Francisco 2001:1890:FF:FFFF:12:122:125:224 Seattle 2001:1890:FF:FFFF:12:122:126:9 St. Louis 2001:1890:FF:FFFF:12:122:126:64 Washington *** Please Note: Ping and traceroute delay figures measured here are unreliable, due to the high CPU load experienced when complicated show commands are running. For questions about this route-server, send email to: jayb@att.com *** Log in with username 'rviews', password 'rviews' *** route-server.ip.att.net (ttyp5) login: rviews Password: --- JUNOS 12.1R3-S4 built 2013-03-24 11:22:31 UTC rviews@route-server.ip.att.net> show route www.google.com inet.0: 462505 destinations, 6937311 routes (462505 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 173.194.78.0/24 *[BGP/170] 3w2d 17:29:34, localpref 100, from 12.122.125.224 AS path: 7018 15169 I > to 12.0.1.1 via em0.0 [BGP/170] 2w3d 09:11:13, localpref 100, from 12.122.83.238 AS path: 7018 15169 I > to 12.0.1.1 via em0.0 [BGP/170] 7w5d 19:42:12, localpref 100, from 12.123.1.236 AS path: 7018 15169 I > to 12.0.1.1 via em0.0 [BGP/170] 7w5d 19:42:22, localpref 100, from 12.123.5.240 AS path: 7018 15169 I > to 12.0.1.1 via em0.0 [BGP/170] 2w0d 04:42:59, localpref 100, from 12.123.9.241 AS path: 7018 15169 I > to 12.0.1.1 via em0.0 [BGP/170] 7w5d 19:42:13, localpref 100, from 12.123.13.241 AS path: 7018 15169 I > to 12.0.1.1 via em0.0 ---(more)--- rviews@route-server.ip.att.net> exit
From the text above, you can actually see my input. You won’t be able to see the passwords but you can see every other command that is typed in by me.
Note: For your previously created sessions, you will have to select it, then click Load, and modify the Logging settings to create a log for those sessions.