To print logging events to the terminal, set the modules or events you wish to print to the terminal. For example, run: o–
switch (config) # logging monitor events notice
switch (config) # logging monitor sx-sdk warning
These commands print system events in severity “notice”, and “sx-sdk” module notifications in severity “warning” to the screen. For example, in case of interface-down event, the following gets printed to the screen:
switch (config) #
Wed Jul
10
11:
30:
42
2013: Interface IB1/
17 changed state to DOWN
Wed Jul
10
11:
30:
43
2013: Interface IB1/
18 changed state to DOWN
To see a list of the events, refer to “Supported Event Notifications and MIB Mapping”.
To configure remote syslog to send syslog messages to a remote syslog server:
Set remote syslog server.
switch(config) # logging <IP address/hostname>
(Optional) Set the destination port of the remote host.
switch(config) # logging <IP address/hostname> port <port>
(Optional) Filter log messages according to an input regex.
switch(config) # logging <IP address/hostname> filter <
"include"/
"exclude"> <regex>
Set the minimum severity of the log level to info.
switch(config) # logging <IP address/hostname> trap info
Override the log levels on a per-class basis.
switch(config) # logging <IP address/hostname> trap override
class<
classname> priority <level>
A feature that provides the ability to choose the protocol to use for sending syslog messages to a remote host: UDP (default) or TCP. See "logging protocol" command.
logging
logging <IPv4 address/IPv6 address/hostname>
no logging <IPv4 address/IPv6 address/hostname>
Sends log messages to the remote host specified by its IP or hostname.
The no form of the command stops sending log messages to the remote host specified by its IP or hostname.
Syntax Description
N/A
Default
N/A
Configuration Mode
config
History
|
3.1.1000
Role
admin
Example
switch (config) # logging 1.1.1.1
switch (config) # no logging 1.1.1.1
Related Commands
Notes
This command is configurable. If “configuration write” is executed, the remote host will still receive messages after reload.
logging port
logging <syslog IPv4 address/IPv6 address/hostname> port <destination-port>
no logging <syslog IPv4 address/IPv6 address/hostname> port
Configures remote server destination port for log messages.
The no form of the command resets the remote log port to its default value.
Syntax Description
destination-port
Range: 1-65535
Hostname
Max 64 characters
Default
514 (UDP)
Configuration Mode
config
History
|
3.6.2002
3.8.1000—Updated command syntax
Example
switch (config) # logging 10.0.0.1 port 105
Related Commands
logging <syslog IPv4 address/IPv6 address/hostname> trap
Notes
logging trap
logging <syslog IPv4 address/IPv6 address/hostname> [trap {<log-level> | override class <class> priority <log-level>}]
no logging <syslog IPv4 address/IPv6 address/hostname> [trap {<log-level> | override class <class> priority <log-level>}]
Enables (by setting the syslog IPv4 address/IPv6 address/hostname) sending logging messages, with ability to filter the logging messages according to their classes.
The no form of the command stops sending messages to the remote syslog server.
Syntax Description
syslog IPv4 address/IPv6 address/hostname
syslog IPv4 address/IPv6 address/hostname of the remote syslog server
Hostname is limited to 64 characters
log-level
class
Sets or removes a per-class override on the logging level. All classes which do not have an override set will use the global logging level set with “logging local <log level>”. Classes that do have an override will do as the override specifies. If “none” is specified for the log level, the software will not log anything from this class. Classes available:
Default
Remote logging is disabled
Configuration Mode
config
History
|
3.6.2002
3.8.1000—Updated command syntax
Example
switch (config) # logging local info
Related Commands
show logging
logging local overridelogging <syslog IPv4 address/IPv6 address/hostname> port
Notes
logging debug-files
logging debug-files {delete {current | oldest} | rotation {criteria | force | max-num} | update {<number> | current} | upload <log-file> <upload URL>}
no logging debug-files rotation criteria
Configures settings for debug log files.
The "logging debug-files rotation criteria" command removes the debug rotation criteria configuration.
Syntax Description
delete {current | oldest}
Deletes certain debug-log files.
rotation {criteria {frequency {daily | weekly | monthly} | size <size> | size-pct <percentage>} | force | max-num}
Configures automatic rotation of debug-logging files.
update {<number> | current}
Uploads a local debug-log file to a remote host.
upload
Uploads debug log file to a remote host
log-file
Possible values: 1-7, or current
upload URL
Supported formats: HTTP, HTTPS, FTP, TFTP, SCP and SFTP (e.g.: scp://username[:password]@hostname/path/filename)
Default
N/A
Configuration Mode
config
History
3.3.4150
3.9.0900: Added "no logging debug-files rotation criteria" command
Example
switch (config) # logging debug-files delete current
Related Commands
Notes
logging events enable
logging events {cpu-rate-limiters | interfaces | protocols} enable
no logging events {cpu-rate-limiters | interfaces | protocols | what-just-happened-packets} enable
Activate event tracking for a certain group.
The no form of the command deactivates event tracking for a certain group.
Syntax Description
cpu-rate-limiters | interfaces | protocols | what-just-happened-packets
Logical groups with specified set of counters
Default
N/A
Configuration Mode
config
History
|
3.6.6000
3.9.0900: Added note
Example
switch (config) # logging events interfaces enable
Related Commands
Notes
Increase in the enabled events groups will generate a log message of the form:Jan 8 14:15:24 switch statsd[4404]: [statsd.NOTICE]: (StatsLog) Interface Eth1/9: 398 0598 packets dropped due to Rx invalid tag discards packetsJan 8 14:15:24 switch statsd[4404]: [statsd.NOTICE]: (StatsLog) Interface Eth1/9: 398 0599 packets dropped due to Rx discard packets by vlan filterJan 8 14:42:44 switch statsd[4404]: [statsd.NOTICE]: (StatsLog) cpu-rate-limiter DISCARD_LAYERS_2_3: 7767087 packets dropped by CPU rate-limiter
logging events error-threshold
logging events {interfaces | protocols} error-threshold <events>
no logging events {interfaces | protocols} error-threshold <events>
Configures number of events after which the system begins to generate events to the log file.
The no form of the command resets this parameter to its default value.
Syntax Description
interfaces
Sets threshold for interface related events
protocols
Sets threshold for protocol related events
events
Number of events after which the system begins to generate events to the log file. Range: 0-4294967295.
Default
cpu-rate-limiters - 1 event
interfaces - 10 eventsprotocols - 2 events
Configuration Mode
config
History
3.6.6000
Example
switch (config) # logging events interfaces error-threshold 45
Related Commands
Notes
logging events interval
logging events {interfaces | protocols} interval <seconds>
no logging events {interfaces | protocols} interval <seconds>
Configures interval in seconds between each sampling of counters in event type.
The no form of the command resets this parameter to its default value.
Syntax Description
|
interfaces | protocols
Logical groups with specified set of counters
Default:
interfaces—5 minutes
protocols—1 minute
seconds
Time between sampling. Range is different for each event type:
Default
N/A
Configuration Mode
config
History
|
3.6.6000
Example
switch (config) # logging events interfaces interval 120
Related Commands
Notes
logging events rate-limit
logging events [interfaces | protocols] rate-limit {short | medium | long} [count | window]
no logging events [interfaces | protocols] rate-limit [short | medium | long] [count <number> | window <seconds>]
Configures the number of allowed events per time window, and that window’s duration.
The no form of the command resets these parameters to their default values.
Syntax Description
interfaces | protocols
Logical groups with specified set of counters
rate-limit
Three configurable periods: short, medium, and long
count
Number of allowed events per time window
window
Window of time in seconds for the rate limit period
Default
For “interfaces”
Short window:
event count—5window duration—1 hour
Medium window:
event count—50window duration—1 day
Long window:
event count—350window duration—7 days
For “protocols”
Short window:
event count—10window duration—1 hour
Medium window:
event count—100window duration—1 day
Long window:
event count—600window duration—7 days
Configuration Mode
config
History
3.6.6000
Example
switch (config) # logging events interfaces interval 120
Related Commands
Notes
The goal of this command is to restrict the number of events in the log. To achieve this end, it is possible to specify the allowed number (parameter “count”) of messages per period of time (parameter “window”).
logging fields
logging fields seconds {enable | fractional-digits <f-digit> | whole-digits <w-digit>}
no logging fields seconds {enable | fractional-digits <f-digit> | whole-digits <w-digit>}
Specifies whether to include an additional field in each log message that shows the number of seconds since the Epoch or not.
The no form of the command disallows including an additional field in each log message that shows the number of seconds since the Epoch.
Syntax Description
enable
Specifies whether to include an additional field in each log message that shows the number of seconds since the Epoch or not.
f-digit
The fractional-digits parameter controls the number of digits to the right of the decimal point. Truncation is done from the right.
Possible values are: 1, 2, 3, or 6.
w-digit
The whole-digits parameter controls the number of digits to the left of the decimal point. Truncation is done from the left. Except for the year, all of these digits are redundant with syslog's own date and time.
Possible values: 1, 6, or all.
Default
Disabled
Configuration Mode
config
History
3.1.0000
Example
switch (config) # logging fields seconds enableswitch (config) # logging fields seconds whole-digits 1
Related Commands
show logging
Notes
This is independent of the standard syslog date and time at the beginning of each message in the format of “July 15 18:00:00”. Aside from indicating the year at full precision, its main purpose is to provide subsecond precision.
logging files delete
logging files delete {current | oldest [<number of files>]}
Deletes the current or oldest log files.
Syntax Description
current
Deletes current log file
oldest
Deletes oldest log file
number of files
Sets the number of files to be deleted
Default
CLI commands and audit message are set to notice logging level
Configuration Mode
config
History
3.1.0000
Example
switch (config) # logging files delete current
Related Commands
show logging
show log files
Notes
logging files rotation
logging files rotation {criteria {frequency <freq> | size <size-mb>| size-pct <size-percentage>} | force | max-number <number-of-files>}
no logging files rotation criteria
Sets the rotation criteria of the logging files.
The no form of the command removes the rotation criteria configuration.
Syntax Description
freq
Sets rotation criteria according to time. Possible options are:
size-mb
Sets rotation criteria according to size in megabytes
Range: 1-9999Default: 20MB
size-percentage
Sets rotation criteria according to size in percentage of the partition where the logging files are kept in. The percentage given is truncated to three decimal points (thousandths of a percent).
force
Forces an immediate rotation of the log files. This does not affect the schedule of auto-rotation if it was done based on time: the next automatic rotation will still occur at the same time for which it was previously scheduled. Naturally, if the auto-rotation was based on size, this will delay it somewhat as it reduces the size of the active log file to zero.
number-of-files
The number of log files will be kept. If the number of log files ever exceeds this number (either at rotation time, or when this setting is lowered), the system will delete as many files as necessary to bring it down to this number, starting with the oldest.
Default
10 files are kept by default with rotation criteria of 5% of the log partition size
Configuration Mode
config
History
|
3.1.0000
3.9.0900:
Example
switch (config) # logging files rotation criteria size-pct 6
Related Commands
show logging
show log files
Notes
logging files upload
logging files upload {current | <file-number>} <url>
Uploads a log file to a remote host.
Syntax Description
current
The current log file. The current log file will have the name “messages” if you do not specify a new name for it in the upload URL.
file-number
An archived log file. The archived log file will have the name “messages<n>.gz” (while “n” is the file number) if you do not specify a new name for it in the upload URL. The file will be compressed with gzip.
url
Uploads URL path. Supported formats: FTP, TFTP, SCP, and SFTP. For example: scp://username[:password]@hostname/path/filename.
Default
10 files are kept by default with rotation criteria of 5% of the log partition size
Configuration Mode
config
History
3.1.0000
Example
switch (config) # logging files upload 1 scp://admin@scpserver
Related Commands
show logging
show log files
Notes
logging filter include
logging <IP address\hostname> filter include <regex>
Sends only log messages that match the input regex to a remote host specified by its IP or hostname.
Syntax Description
N/A
Default
N/A
Configuration Mode
config
History
3.8.2000
Role
admin
Example
switch (config) # logging 1.1.1.1 filter include ERROR
Related Commands
loggin
no logging
Notes
This command is configurable. If “configuration write” is executed, the remote host will still receive filtered messages after reload.
logging filter exclude
logging <IP address\hostname> filter exclude <regex>
Sends only log messages that do not match the input regex to a remote host specified by its IP or hostname.
Syntax Description
N/A
Default
N/A
Configuration Mode
config
History
3.8.2000
Role
admin
Example
switch (config) # logging 1.1.1.1 filter exclude ERROR
Related Commands
loggin
no logging
Notes
This command is configurable. If “configuration write” is executed, the remote host will still receive filtered messages after reload.
no logging filter
no logging <IP address\hostname> filter
Sends unfiltered log messages to the configured remote host.
Syntax Description
N/A
Default
N/A
Configuration Mode
config
History
3.8.2000
Role
admin
Example
switch (config) # no logging 1.1.1.1 filter
Related Commands
loggin
no logging
Notes
This command is configurable. If “configuration write” is executed, the remote host will still receive filtered messages after reload.
logging format
logging format {standard | welf [fw-name <hostname>]}
no logging format {standard | welf [fw-name <hostname>]}
Sets the format of the logging messages.
The no form of the command resets the format to its default.
Syntax Description
standard
Standard format
welf
WebTrends Enhanced Log file (WELF) format
hostname
Specifies the firewall hostname that should be associated with each message logged in WELF format. If no firewall name is set, the hostname is used by default. Hostname is limited to 64 characters.
Default
standard
Configuration Mode
config
History
3.1.0000
Example
switch (config) # logging format standard
Related Commands
show logging
Notes
logging level
logging level {cli commands <log-level> | audit mgmt <log-level>}
Sets the severity level at which CLI commands or the management audit message that the user executes are logged. This includes auditing of both configuration changes and actions.
Syntax Description
cli commands
Sets the severity level at which CLI commands which the user executes are logged
audit mgmt
Sets the severity level at which all network management audit messages are logged
log-level
Default
CLI commands and audit message are set to notice logging level
Configuration Mode
config
History
3.1.0000
Example
switch (config) # logging level cli commands info
Related Commands
show logging
Notes
logging local override
logging local override [class <class> priority <log-level>]
no logging local override [class <class> priority <log-level>]
Enables class-specific overrides to the local log level.
The no form of the command disables all class-specific overrides to the local log level without deleting them from the configuration, but disables them so that the logging level for all classes is determined solely by the global setting.
Syntax Description
override
Enables class-specific overrides to the local log level.
class
Sets or removes a per-class override on the logging level. All classes which do not have an override set will use the global logging level set with “logging local <log level>”. Classes that do have an override will do as the override specifies. If “none” is specified for the log level, the software will not log anything from this class.
Classes available:
log-level
Default
Override is disabled
Configuration Mode
config
History
3.1.0000
3.3.4150: Added debug-module class and changed iss-modules to protocol-stack
Example
switch (config) # logging local override class mgmt-front priority warning
Related Commands
show logging
logging local
Notes
logging monitor
logging monitor <facility> <priority-level>
no logging monitor <facility> <priority-level>
Sets monitor log facility and level to print to the terminal.
The no form of the command disables printing logs of facilities to the terminal.
Syntax Description
facility
priority-level
Default
no logging monitor
Configuration Mode
config
History
3.3.4000
Example
switch (config) # logging monitor events notice
Related Commands
Notes
logging protocol
logging <IP address\hostname> protocol [tcp|udp]
no logging <IP address\hostname> protocol
Sends log messages to specified host with the chosen protocol (TCP or UDP).
The no form of the command sets the protocol for sending log messages to a remote host to the default (UDP).
Syntax Description
tcp
Sets protocol to TCP
udp
Sets protocol to UDP
Default
UDP
Configuration Mode
Configure terminal
History
3.8.2100
Role
Admin
Example
switch (config) # logging 1.1.1.1 protocol tcp
switch (config) # no logging 1.1.1.1 protocol
Related Commands
Notes
This command is configurable, so if “configuration write” is executed then after reboot the remote host will still receive messages with the configured protocol.
logging receive
logging receive
no logging receive
Enables receiving logging messages from a remote host.
The no form of the command disables the option of receiving logging messages from a remote host.
Syntax Description
N/A
Default
Receiving logging is disabled
Configuration Mode
config
History
3.1.0000
Example
switch (config) # logging receive
Related Commands
show logging
logging locallogging local override
Notes
logging mac masking
logging mac masking
no logging mac masking
Enables MAC address masking in logs.
The no form of the command disables MAC address masking.
Syntax Description
N/A
Default
Enabled
Configuration Mode
config
History
3.9.0900
Example
switch (config) # logging mac masking
Related Commands
show logging
Notes
If enabled, the first 2 bytes of MAC address output log will be masked. For example, 00:12:34:56:78:9a will be displayed as **:**:34:56:78:9a.
show log
show log [continuous | files [<file-number>]] [[not] matching <reg-exp>]
Displays the log file with optional filter criteria.
Syntax Description
continues
Displays the last few lines of the current log file and then continues to display new lines as they come in until the user hits Ctrl+C, similar to LINUX “tail” utility
files
Displays the list of log files
<file-number>
Displays an archived log file, where the number may range from 1 up to the number of archived log files available
[not] matching <reg-exp>
The file is piped through a LINUX “grep” utility to only include lines either matching, or not matching, the provided regular expression
Default
N/A
Configuration Mode
Any command mode
History
3.1.0000
3.3.4402: Updated example and added note
Example
switch (config) # show log matching "Executing|Action"
Jul 31 16:11:23 M2100-aj cli[26502]: [cli.NOTICE]: user : Executing command: enableJul 31 16:11:24 M2100-aj cli[26507]: [cli.NOTICE]: user : Executing command: enableJul 31 16:11:29 M2100-aj cli[26514]: [cli.NOTICE]: user : Executing command: enableJul 31 16:11:29 M2100-aj cli[26514]: [cli.NOTICE]: user : Executing command: show licenseJul 31 16:11:41 M2100-aj cli[26548]: [cli.NOTICE]: user : Executing command: enableJul 31 16:11:42 M2100-aj cli[26553]: [cli.NOTICE]: user : Executing command: enableJul 31 16:11:42 M2100-aj cli[26553]: [cli.NOTICE]: user : Executing command: conf termina
Related Commands
logging fields
logging files rotationlogging levellogging locallogging receiveshow logging
Notes
show logging
show logging
Displays the logging configurations.
Syntax Description
N/A
Default
N/A
Configuration Mode
Any command mode
History
3.1.0000
3.8.2000: Updated example3.9.0900: Updated example
Role
Admin
Example
switch (config) # show logging
Local logging level : noticeOverride for class debug-module : noticeDefault remote logging level : noticeAllow receiving of messages from remote hosts: noNumber of archived log files to keep : 10Log rotation size threshold : 19.07 megabytesLog rotation (debug) size threshold : 19.07 megabytesLog format : standardSubsecond timestamp field : disabledMAC address masking : enabled
Levels at which messages are logged: CLI commands : notice Audit messages: notice
Remote syslog servers: 1.1.1.1: log level : notice Remote port : 514 Filter [include] regex: err
1.2.2.3: log level : notice Remote port: 33
Related Commands
logging fields
logging files rotationlogging levellogging locallogging receivelogging <syslog IPv4 address/IPv6 address/hostname>
Notes
show logging events
show logging events [interfaces | protocols]
Displays configuration per selected event group or all.
Syntax Description
interfaces | protocols
Logical groups with specified set of counters
Default
N/A
Configuration Mode
Any command mode
History
3.6.6000
Example
switch (config) # show logging eventsinterfaces: Admin mode : no Interval : 5 minutes Error threshold: 10 Rate-limit short window: Event count : 5 Window duration: 1 hour Rate-limit medium window: Event count : 50 Window duration: 1 day Rate-limit long window: Event count : 350 Window duration: 7 daysprotocols: Admin mode : no Interval : 1 minute Error threshold: 2 Rate-limit short window: Event count : 10 Window duration: 1 hour Rate-limit medium window: Event count : 100 Window duration: 1 day Rate-limit long window: Event count : 600 Window duration: 7 days
Related Commands
logging event enable
logging event error-thresholdlogging event intervallogging event rate-limit
Notes
show logging events source-counters
show logging events [interfaces | protocols] source-counters
Displays set of counters for sampling.
Syntax Description
interfaces | protocols
Logical groups with specified set of counters
Default
N/A
Configuration Mode
Any command mode
History
3.6.6000
Example
switch (config) # show logging events interfaces source-countersinterfaces: Counters: Rx discard packets, Rx error packets, Rx fcs errors, Rx undersize packets, Rx oversize packets, Rx unknown control opcode, Rx symbol errors, Rx discard packets by Storm Control, Tx discard packets, Tx error packets, Tx hoq discard packets
Related Commands
logging event enable
logging event error-thresholdlogging event intervallogging event rate-limit
Notes
show logging port
show logging port
Displays the port logging configurations.
Syntax Description
N/A
Default
N/A
Configuration Mode
Any command mode
History
3.1.0000
3.8.1000: Updated example
Example
switch (config) # show logging Local logging level: notice Override for class debug-module: noticeDefault remote logging level: noticeRemote syslog receiver: 1.2.3.4 (log level: notice)Remote port: 514
Related Commands
logging port
Notes