Netvisor ONE logs all important activities that occur on the switches and fabrics created on them. Logging is enabled by default and can be viewed using the CLI. You can also configure system logging to send syslog-formatted messages to servers configured to receive them, as part of centralized logging and monitoring.
Figure 11-1 - Netvisor One Switch with Syslog Server
The following types of activities are logged:
Records action observed or performed by switches. Each Event type can be enabled or disabled. Events are collected on a best effort basis. If events occur too rapidly to be recorded, the event log is annotated with the number of events lost.
The following are examples of event types:
When an administrative change to the configuration is made, an audit log is recorded. An audit log consists of the command and parameters along with the success or failure indication. When a command fails, an error message is also recorded.
The system log records error conditions and conditions of interest.
The Perror log records messages on standard error output, describing the last error encountered.
Each log message includes the following information:
- Category - event, audit, or system
- Timestamp within a microsecond
- Process name and process ID of the process producing the message
- Unique message name
- Unique five digit numerical message code
- Message: additional message-specific parameters and explanation
A log message consists of common parameters separated by spaces and a colon (:), optional parameters, another colon, and then the log-specific message. The optional parameters, which may include the associated VLAN, VXLAN, or switch ports, appear as key/value pairs. An audit log message includes additional information:
- Process ID
- Client IP of the remote computer issuing the command
An event log also includes the event type.
For information about specific log events and their meaning, see the Netvisor ONE Log Messages Guide.
The maximum number of repeated messages detected by Netvisor ONE is ten (10). After five seconds, if Netvisor ONE detects repeated messages, then the log prints "Last X messages(s) repeated Y time(s)”. If the log message detects "X" and "Y" as both 1, then Netvisor ONE prints the message rather than "Last 1 message(s) repeated 1 time(s)". Log events are printed after a five (5) second delay.
Currently, accessing system log information may require assistance from TAC to retrieve the logs from Netvisor ONE. To enable log auditing in Netvisor ONE, use the following command:
CLI (network-admin@Leaf1) > log-admin-audit-modify enable|disable
Log auditing is disabled by default. To display auditing status, use the following command:
CLI (network-admin@Leaf1) > log-admin-audit-show
Using Facility Codes with Log Messages
Netvisor ONE labels log messages with a facility code indicating the area of the software that generated the log message.
The following are the default facility codes:
- Log_Daemon for events and system messages
- Log_AUDIT for audit messages
The following severity levels are used by default:
- Log_INFO = informational
- Log_Critical = critical
- Log_ERROR = error
- Log_WARNING = warn
- Log_NOTICE = note