Configuring Logging
Logs all important activities that occur on the switch and the fabrics that were created on them. Netvisor ONE enables logging by default and viewable using the CLI. You can also configure system logging to send syslog-formatted messages to other servers configured to receive them as part of centralized logging and monitoring.
Figure 1:  Switch with Syslog Server
 
The following activities are logged:
Table 1: Log Events
Log Type
Description
Event
Records action observed or performed by switches. Each Event type can be enabled or disabled. Events are collected on a best effort basis. If events occur too rapidly to be recorded, Netvisor ONE annotates the event log with the number of events lost.Netvisor ONE logs the following examples of event types:
Port state changes
TCP connections
STP port changes
Audit
When you make an administrative change to the configuration, an audit log is recorded. An audit log consists of the command and parameters along with the success or failure indication. When a command fails, Netvisor ONE records an error message.
System
The system log records error conditions and conditions of interest. Netvisor ONE has four levels in the system log:
critical
error
warn
note
Perror
The perror log records messages on standard error output, describing the last error encountered.
Each log message includes the following information:
Category - event, audit, or system
Timestamp within a microsecond
Process name and process ID of the process producing the message
Unique message name
Unique five digit numerical message code
Message: additional message-specific parameters and explanation
A log message may include optional parameters, including associated VLAN, VXLAN, or switch port.An audit log message includes additional information:
User
Process ID
Client IP of the remote computer issuing the command
An event log also includes the event type.
The maximum number of repeated messages detected by Netvisor ONE is ten (10). After five seconds, if Netvisor ONE detects repeated messages, then the log prints "Last X messages(s) repeated Y time(s)”. If the log message detects "X" and "Y" as both 1, then Netvisor ONE prints the message rather than "Last 1 message(s) repeated 1 time(s)". Netvisor ONE prints the log events after a five (5) second delay.
To view event logs using the CLI, enter the following command:
CLI network-admin@switch > log-event-show
category time                     name    code event-type port message
event    2013-06-04,13:12:18.304740 port_up 62   port       62   up
event    2013-06-04,13:12:18.304740 port_up 62   port       50   up
event    2013-06-04,13:12:18.304740 port_up 62   port       10   up
...
 
To view audit log entries, enter the following command:
CLI network-admin@switch > log-audit-show
category time                       name    code user          message
audit    2013-06-04,13:12:18.304740 command 1101 network-admin Command create id=b000011:! name=1 scope=fabric vrg=b000011:0 vlans=100 _mgr_id=b00001
audit    2013-06-04,13:12:18.304740 command 1101 network-admin Command create vrouter id=b000011:! name=1 scope=fabric vrg=b000011:0 vlans=100 _mgr_id=b00001
 
To view system log entries, use the following command:
CLI network-admin@switch > log-system-show
time:           2013-09-17, 06:28:09.351514-07:00
name:           11006
level:          warn
time:           2013-09-17, 11:28:09.351514-07:00
name:           11006
level:          warn
time:           2013-09-17, 13:28:09.351514-07:00
name:           11006
level:          warn
 
Currently, accessing system log information may require assistance from TAC to retrieve the logs from Netvisor ONE. To enable log auditing in Netvisor ONE, use the following command
CLI network-admin@switch > log-admin-audit-modify enable|disable
To display auditing status, use the following command:
CLI network-admin@switch > log-admin-audit-show
Modifying and Displaying Log Event Settings
By default, Netvisor ONE logs only system and port events. You can configure Netvisor ONE to include other logging, and you can add other events using the log-event-settings-modify command. You can modify the way logs events by using the log-event-settings-modify command to remove or add log events. For instance to remove logging of STP events, use the following command:
CLI network-admin@switch > log-event-settings-modify no-stp
To display log event settings information, use the log-event-settings-show command.