Configuring Logging


Netvisor One logs all important activities that occur on the switch and fabrics created on them. Logging is enabled by default and is viewable using the CLI. You can also configure system logging to send syslog-formatted messages to other servers configured to receive them as part of centralized logging and monitoring.



Figure 10-1 - Netvisor One Switch with Syslog Server

 

The following types of activities are logged:


Log Type

Description

Event

Records action observed or performed by switches. Each Event type can be enabled or disabled.
Events are collected on a best effort basis. If events occur too rapidly to be recorded, the event
log is annotated with the number of events lost.


The following are examples of event types:


  • Port state changes
  • TCP connections
  • STP port changes

Audit

When an administrative change to the configuration is made, an audit log is recorded.
An audit log consists of the command and parameters along with the success or
failure indication. When a command fails, an error message is also recorded.

System

The system log records error conditions and conditions of interest.


There are four levels in the system log:


  • critical
  • error
  • warn
  • note

Perror

The perror log records messages on standard error output, describing the
last error encountered.

 

Each log message includes the following information:

 

  • Category - event, audit, or system
  • Timestamp within a microsecond
  • Process name and process ID of the process producing the message
  • Unique message name
  • Unique five digit numerical message code
  • Message: additional message-specific parameters and explanation

 

A log message may include optional parameters, including associated VLAN, VXLAN, or switch port.An audit log message includes additional information:

 

  • User
  • Process ID
  • Client IP of the remote computer issuing the command

 

An event log also includes the event type.

 

The maximum number of repeated messages detected by Netvisor ONE is ten (10). After five seconds, if Netvisor ONE detects repeated messages, then the log prints "Last X messages(s) repeated Y time(s)”. If the log message detects "X" and "Y" as both 1, then Netvisor ONE prints the message rather than "Last 1 message(s) repeated 1 time(s)". Netvisor ONE prints the log events after a five (5) second delay.

 

To view event logs using the CLI, enter the following command:

 

CLI (network-admin@Leaf1) >log-event-show

 

category time                     name    code event-type port message

event    2013-06-04,13:12:18.304740 port_up 62   port       62   up

event    2013-06-04,13:12:18.304740 port_up 62   port       50   up

event    2013-06-04,13:12:18.304740 port_up 62   port       10   up

...

 

To view audit log entries, enter the following command:

 

CLI (network-admin@Leaf1) > log-audit-show

 

category time                       name    code user          message
-------- -----                      -----   ---- ----          --------  

audit    2013-06-04,13:12:18.304740 command 1101 network-admin Command create  id=b000011:! name=1 scope=fabric vrg=b000011:0 vlans=100 _mgr_id=b00001

audit    2013-06-04,13:12:18.304740 command 1101 network-admin Command create vrouter id=b000011:! name=1 scope=fabric vrg=b000011:0 vlans=100 _mgr_id=b00001

 

To view system log entries, use the following command:


CLI (network-admin@Leaf1) > log-system-show

 

time:           2013-09-17, 06:28:09.351514-07:00

name:           11006

level:          warn

time:           2013-09-17, 11:28:09.351514-07:00

name:           11006

level:          warn

time:           2013-09-17, 13:28:09.351514-07:00

name:           11006

level:          warn

 

Currently, accessing system log information may require assistance from TAC to retrieve the logs from Netvisor One. To enable log auditing in Netvisor One, use the following command:

 

CLI (network-admin@Leaf1) > log-admin-audit-modify enable|disable

 

To display auditing status, use the following command:


CLI (network-admin@Leaf1) > log-admin-audit-show

 

Modifying and Displaying Log Event Settings

 

By default, only system and port events are logged. Other logging is possible, and you can add other events using the log-event-settings-modify command. You can modify the way Netvisor One logs events by using the log-event-settings-modify command to remove or add log events.

 

For instance to remove logging of STP events, use the following command:

 

CLI (network-admin@Leaf1) > log-event-settings-modify no-stp

 

To display log event settings information, use the log-event-settings-show command.