Netvisor One logs all important activities that occur on the switch and fabrics created on them. Logging is enabled by default and is viewable using the CLI. You can also configure system logging to send syslog-formatted messages to other servers configured to receive them as part of centralized logging and monitoring.
Figure 1 - Netvisor One Switch with Syslog Server
There are three types of activities logged:
Records action observed or performed by switches. Each Event type can be enabled or disabled. Events are collected on a best effort basis. If events occur too rapidly to be recorded, the event log is annotated with the number of events lost.
The following are examples of event types:
When an administrative change to the configuration is made, an audit log is recorded. An audit log consists of the command and parameters along with the success or failure indication. When a command fails, an error message is also recorded.
The system log records error conditions and conditions of interest.
There are four levels in the system log:
The perror log records messages on standard error output, describing the last error encountered.
Each log message includes the following information:
- Category - event, audit, or system
- Timestamp within a microsecond
- Process name and process ID of the process producing the message
- Unique message name
- Unique five digit numerical message code
- Message: additional message-specific parameters and explanation
A log message may include optional parameters, including associated VLAN, VXLAN, or switch port.An audit log message includes additional information:
- Process ID
- Client IP of the remote computer issuing the command
An event log also includes the event type.
The maximum number of repeated messages detected by Netvisor One is ten (10). After five seconds, if there are repeated messages, "Last X messages(s) repeated Y time(s)" is printed. If "X" and "Y" are both 1, then the message is printed rather than "Last 1 message(s) repeated 1 time(s)". The log events are printed after a five (5) second delay.
To view event logs using the CLI, enter the following command:
category time name code event-type port message
event 2013-06-04,13:12:18.304740 port_up 62 port 62 up
event 2013-06-04,13:12:18.304740 port_up 62 port 50 up
event 2013-06-04,13:12:18.304740 port_up 62 port 10 up
To view audit log entries, enter the following command:
category time name code user message
audit 2013-06-04,13:12:18.304740 command 1101 network-admin Command create id=b000011:! name=1 scope=fabric vrg=b000011:0 vlans=100 _mgr_id=b00001
audit 2013-06-04,13:12:18.304740 command 1101 network-admin Command create vrouter id=b000011:! name=1 scope=fabric vrg=b000011:0 vlans=100 _mgr_id=b00001
To view system log entries, use the following command:
time: 2013-09-17, 06:28:09.351514-07:00
time: 2013-09-17, 11:28:09.351514-07:00
time: 2013-09-17, 13:28:09.351514-07:00
Currently, accessing system log information may require assistance from TAC to retrieve the logs from Netvisor One. To enable log auditing in Netvisor One, use the following command:
CLI network-admin@Leaf1>log-admin-audit-modify enable|disable
To display auditing status, use the following command:
Modifying and Displaying Log Event Settings
By default, only system and port events are logged. Other logging is possible, and you can add other events using the log-event-settings-modify command. You can modify the way Netvisor One logs events by using the log-event-settings-modify command to remove or add log events.
For instance to remove logging of STP events, use the following command:
CLI network-admin@Leaf1>log-event-settings-modify no-stp
To display log event settings information, use the log-event-settings-show command.