Appliance Logging and Debugging
To configure remote syslog to send syslog messages to a remote syslog server:
Set remote syslog server.
metrox (config) # logging <IP address/hostname>
(Optional) Set the destination port of the remote host.
metrox (config) # logging <IP address/hostname> port <port>
(Optional) Filter log messages according to an input regex.
metrox (config) # logging <IP address/hostname> filter <
"include"/
"exclude"> <regex>
Set the minimum severity of the log level to information.
metrox (config) # logging <IP address/hostname> trap info
Override the log levels on a per-class basis.
metrox (config) # logging <IP address/hostname> trap override
class<
classname> priority <level>
A feature that provides the ability to choose the protocol to use for sending syslog messages to a remote host: UDP (default) or TCP.
logging
logging <IPv4 address/hostname>
Sends log messages to the remote host specified by its IP or hostname
The no form of the command stops sending log messages to the remote host specified by its IP or hostname.
Syntax Description
N/A
Default
N/A
Configuration Mode
config
History
18.01.5000
Role
admin
Example
|
metrox (config) # logging 1.1.1.1
Related Commands
Notes
This command is configurable. If “configuration write” is executed, the remote host will still receive messages after reload.
logging port
logging <syslog IPv4 address/hostname> port <destination-port>
no logging <syslog IPv4 address/hostname> port
Configures remote server destination port for log messages.
The no form of the command resets the remote log port to its default value.
Syntax Description
destination-port
Range: 1-65535
Hostname
Max 64 characters
Default
514 (UDP)
Configuration Mode
config
History
18.01.5000
Example
|
metrox (config) # logging 10.0.0.1 port 105
Related Commands
logging <syslog IPv4 address/hostname> trap
Notes
logging trap
logging <syslog IPv4 address/hostname> [trap {<log-level> | override class <class> priority <log-level>}]
no logging <syslog IPv4 address/hostname> [trap {<log-level> | override class <class> priority <log-level>}]
Enables (by setting the syslog IPv4 address/hostname) sending logging messages, with ability to filter the logging messages according to their classes.
The no form of the command stops sending messages to the remote syslog server.
Syntax Description
syslog IPv4 address/hostname
syslog IPv4 address/hostname of the remote syslog server
Hostname is limited to 64 characters
log-level
class
Sets or removes a per-class override on the logging level. All classes which do not have an override set will use the global logging level set with “logging local <log level>”. Classes that do have an override will do as the override specifies. If “none” is specified for the log level, the software will not log anything from this class. Classes available:
Default
Remote logging is disabled
Configuration Mode
config
History
18.01.5000
Example
|
metrox (config) # logging local info
Related Commands
show logging
logging local override
logging <syslog IPv4 address/hostname> port
Notes
logging debug-files
logging debug-files {delete {current | oldest} | rotation {criteria | force | max-num} | update {<number> | current} | upload <log-file> <upload URL>}
no logging debug-files rotation criteria
Configures settings for debug log files.
The "logging debug-files rotation criteria" command removes the debug rotation criteria configuration.
Syntax Description
delete {current | oldest}
Deletes certain debug-log files.
rotation {criteria {frequency {daily | weekly | monthly} | size <size> | size-pct <percentage>} | force | max-num}
Configures automatic rotation of debug-logging files.
update {<number> | current}
Uploads a local debug-log file to a remote host.
upload
Uploads debug log file to a remote host
log-file
Possible values: 1-7, or current
upload URL
Supported formats: HTTP, HTTPS, FTP, TFTP, SCP and SFTP (e.g.: scp://username[:password]@hostname/path/filename)
Default
N/A
Configuration Mode
config
History
18.01.5000
Example
|
metrox (config) # logging debug-files delete current
Related Commands
Notes
logging fields
logging fields seconds {enable | fractional-digits <f-digit> | whole-digits <w-digit>}
no logging fields seconds {enable | fractional-digits <f-digit> | whole-digits <w-digit>}
Specifies whether to include an additional field in each log message that shows the number of seconds since the Epoch or not.
The no form of the command disallows including an additional field in each log message that shows the number of seconds since the Epoch.
Syntax Description
enable
Specifies whether to include an additional field in each log message that shows the number of seconds since the Epoch or not.
f-digit
The fractional-digits parameter controls the number of digits to the right of the decimal point. Truncation is done from the right.
Possible values are: 1, 2, 3, or 6.
w-digit
The whole-digits parameter controls the number of digits to the left of the decimal point. Truncation is done from the left. Except for the year, all of these digits are redundant with syslog's own date and time.
Possible values: 1, 6, or all.
Default
Disabled
Configuration Mode
config
History
18.01.5000
Example
|
metrox (config) # logging fields seconds enable
Related Commands
show logging
Notes
This is independent of the standard syslog date and time at the beginning of each message in the format of “July 15 18:00:00”. Aside from indicating the year at full precision, its main purpose is to provide subsecond precision.
logging files delete
logging files delete {current | oldest [<number of files>]}
Deletes the current or oldest log files.
Syntax Description
current
Deletes current log file
oldest
Deletes oldest log file
number of files
Sets the number of files to be deleted
Default
CLI commands and audit message are set to notice logging level
Configuration Mode
config
History
18.01.5000
Example
|
metrox (config) # logging files delete current
Related Commands
show logging
show log files
Notes
logging files rotation
logging files rotation {criteria {frequency <freq> | size <size-mb>| size-pct <size-percentage>} | force | max-number <number-of-files>}
no logging files rotation criteria
Sets the rotation criteria of the logging files.
The no form of the command removes the rotation criteria configuration.
Syntax Description
freq
Sets rotation criteria according to time. Possible options are:
size-mb
Sets rotation criteria according to size in megabytes
Range: 1-9999
Default: 20MB
size-percentage
Sets rotation criteria according to size in percentage of the partition where the logging files are kept in. The percentage given is truncated to three decimal points (thousandths of a percent).
force
Forces an immediate rotation of the log files. This does not affect the schedule of auto-rotation if it was done based on time: the next automatic rotation will still occur at the same time for which it was previously scheduled. Naturally, if the auto-rotation was based on size, this will delay it somewhat as it reduces the size of the active log file to zero.
number-of-files
The number of log files will be kept. If the number of log files ever exceeds this number (either at rotation time, or when this setting is lowered), the system will delete as many files as necessary to bring it down to this number, starting with the oldest.
Default
10 files are kept by default with rotation criteria of 5% of the log partition size
Configuration Mode
config
History
18.01.5000
Example
|
metrox (config) # logging files rotation criteria size-pct 6
Related Commands
show logging
show log files
Notes
logging files upload
logging files upload {current | <file-number>} <url>
Uploads a log file to a remote host.
Syntax Description
current
The current log file. The current log file will have the name “messages” if you do not specify a new name for it in the upload URL.
file-number
An archived log file. The archived log file will have the name “messages<n>.gz” (while “n” is the file number) if you do not specify a new name for it in the upload URL. The file will be compressed with gzip.
url
Uploads URL path. Supported formats: FTP, TFTP, SCP, and SFTP. For example: scp://username[:password]@hostname/path/filename.
Default
10 files are kept by default with rotation criteria of 5% of the log partition size
Configuration Mode
config
History
18.01.5000
Example
|
metrox (config) # logging files upload 1 scp://admin@scpserver
Related Commands
show logging
show log files
Notes
logging filter include
logging <IP address/hostname> filter include <regex>
Sends only log messages that match the input regex to a remote host specified by its IP or hostname.
Syntax Description
N/A
Default
N/A
Configuration Mode
config
History
18.01.5000
Role
admin
Example
|
metrox (config) # logging 1.1.1.1 filter include ERROR
Related Commands
loggin
Notes
This command is configurable. If “configuration write” is executed, the remote host will still receive filtered messages after reload.
logging filter exclude
logging <IP address/hostname> filter exclude <regex>
Sends only log messages that do not match the input regex to a remote host specified by its IP or hostname.
Syntax Description
N/A
Default
N/A
Configuration Mode
config
History
18.01.5000
Role
admin
Example
|
metrox (config) # logging 1.1.1.1 filter exclude ERROR
Related Commands
logging
Notes
This command is configurable. If “configuration write” is executed, the remote host will still receive filtered messages after reload.
no logging filter
no logging <IP address/hostname> filter
Sends unfiltered log messages to the configured remote host.
Syntax Description
N/A
Default
N/A
Configuration Mode
config
History
18.01.5000
Role
admin
Example
|
metrox (config) # no logging 1.1.1.1 filter
Related Commands
logging
Notes
This command is configurable. If “configuration write” is executed, the remote host will still receive filtered messages after reload.
logging format
logging format {standard | welf [fw-name <hostname>]}
no logging format {standard | welf [fw-name <hostname>]}
Sets the format of the logging messages.
The no form of the command resets the format to its default.
Syntax Description
standard
Standard format
welf
WebTrends Enhanced Log file (WELF) format
fw-name
Firewall name used in WELF messages
hostname
Specifies the firewall hostname that should be associated with each message logged in WELF format. If no firewall name is set, the hostname is used by default. Hostname is limited to 64 characters.
Default
standard
Configuration Mode
config
History
18.01.5000
Example
|
metrox (config) # logging format standard
Related Commands
show logging
Notes
logging level
logging level {cli commands <log-level> | audit mgmt <log-level>}
Sets the severity level at which CLI commands or the management audit message that the user executes are logged. This includes auditing of both configuration changes and actions.
Syntax Description
cli commands
Sets the severity level at which CLI commands which the user executes are logged.
audit mgmt
Sets the severity level at which all network management audit messages are logged.
log-level
Default
CLI commands and audit message are set to notice logging level
Configuration Mode
config
History
18.01.5000
Example
|
metrox (config) # logging level cli commands info
Related Commands
show logging
Notes
logging local override
logging local override [class <class> priority <log-level>]
no logging local override [class <class> priority <log-level>]
Enables class-specific overrides to the local log level.
The no form of the command disables all class-specific overrides to the local log level without deleting them from the configuration, but disables them so that the logging level for all classes is determined solely by the global setting.
Syntax Description
override
Enables class-specific overrides to the local log level.
class
Sets or removes a per-class override on the logging level. All classes which do not have an override set will use the global logging level set with “logging local <log level>”. Classes that do have an override will do as the override specifies. If “none” is specified for the log level, the software will not log anything from this class.
Classes available:
log-level
Default
Override is disabled
Configuration Mode
config
History
18.01.5000
Example
|
metrox (config) # logging local override class mgmt-front priority warning
Related Commands
show logging
logging local
Notes
logging protocol
logging <IP address\hostname> protocol [tcp|udp]
no logging <IP address\hostname> protocol
Sends log messages to specified host with the chosen protocol (TCP or UDP).
The no form of the command sets the protocol for sending log messages to a remote host to the default (UDP).
Syntax Description
tcp
Sets protocol to TCP
udp
Sets protocol to UDP
Default
UDP
Configuration Mode
Configure terminal
History
18.01.5000
Role
Admin
Example
|
metrox (config) # logging 1.1.1.1 protocol tcp
metrox (config) # no logging 1.1.1.1 protocol
Related Commands
Notes
This command is configurable, so if “configuration write” is executed then after reboot the remote host will still receive messages with the configured protocol.
logging receive
logging receive
no logging receive
Enables receiving logging messages from a remote host.
The no form of the command disables the option of receiving logging messages from a remote host.
Syntax Description
N/A
Default
Receiving logging is disabled
Configuration Mode
config
History
18.01.5000
Example
|
metrox (config) # logging receive
Related Commands
show logging
logging local
logging local override
Notes
show log
show log [continuous | files [<file-number>]] [[not] matching <reg-exp>]
Displays the log file with optional filter criteria.
Syntax Description
continues
Displays the last few lines of the current log file and then continues to display new lines as they come in until the user hits Ctrl+C, similar to LINUX “tail” utility.
files
Displays the list of log files.
<file-number>
Displays an archived log file, where the number may range from 1 up to the number of archived log files available.
[not] matching <reg-exp>
The file is piped through a LINUX “grep” utility to only include lines either matching, or not matching, the provided regular expression.
Default
N/A
Configuration Mode
Any command mode
History
18.01.5000
Example
|
metrox (config) # show log matching "Executing|Action"
Jul 31 16:11:23 M2100-aj cli[26502]: [cli.NOTICE]: user : Executing command: enable
Related Commands
logging fields
logging files rotation
logging level
logging local
logging receive
show logging
Notes
show logging
show logging
Displays the logging configurations.
Syntax Description
N/A
Default
N/A
Configuration Mode
Any command mode
History
18.01.5000
Example
|
metrox (config) # show logging
Local logging level : notice
Levels at which messages are logged:
Remote syslog servers:
1.2.2.3:
Related Commands
logging fields
logging files rotation
logging level
logging local
logging receive
logging <syslog IPv4 address/hostname>
Notes
show logging port
show logging port
Displays the port logging configurations.
Syntax Description
N/A
Default
N/A
Configuration Mode
Any command mode
History
18.01.5000
Example
|
metrox (config) # show logging port
Local logging level: notice
Related Commands
logging port
Notes
show log debug
show log debug [continuous | files | matching | not]
Displays current event debug-log file in a scrollable pager.
Syntax Description
continuous
Displays new event log messages as they arrive
files
Displays archived debug log files
matching
Displays event debug logs that match a given regular expression
not
Displays event debug logs that do not meet certain criteria
Default
N/A
Configuration Mode
Any command mode
History
18.01.5000
Example
|
metrox (config) # show log debug
May 26 12:17:21 gateway cli[14941]: [cli.DEBUG]: user admin: cli_parse_one_level: word=show, 70 children, 0 cmds, unavail=0
Related Commands
Notes