Configuring System Logging
Netvisor ONE allows you to send log messages to syslog servers over a UDP session or a TCP session with TLS encryption. By default, the messages are sent to syslog servers through UDP.
CLI (network-admin@Leaf1) > admin-syslog-create
|
admin-syslog-create |
Use this command to configure syslog parameters. |
|
Specify the following options: |
|
|
name name-string |
Specify the name for the syslog configuration. |
|
scope local|fabric |
Specify one among the options the scope of the syslog. |
|
host host-string |
Specify the host name. |
|
port port-number |
Specify the host port number. |
|
transport tcp-tls|udp |
Specify TCP with TLS or UDP as the transport protocol for log events. UDP is used by default. |
|
message-format structured|legacy |
Specify one among the options as the message format for log events. |
|
export-container-logs|no-export-container-logs |
Enable or disable the export of container logs. |
|
export-os-logs|no-export-os-log |
Enable or disable the export of OS logs. |
For example, to configure the switch to send all log messages to a syslog server with an IP address of 172.16.21.67 through port 10514, use the following command:
CLI (network-admin@Leaf1) > admin-syslog-create name <name> scope fabric host 172.16.21.76 port 10514 message-format structured
To display the configuration, use the admin-syslog-show command:
CLI (network-admin@Leaf1) > admin-syslog-show
|
admin-syslog-show |
Use this command to view the syslog configuration. |
|
Specify the following options: |
|
|
name name-string |
Specify the name of the syslog. |
|
scope local|fabric |
Specify the scope of the syslog. |
|
host host-string |
Specify the host name. |
|
port port-number |
Specify the host port number. |
|
transport tcp-tls|udp |
Specify TCP with TLS or UDP as the transport protocol for log events. |
|
message-format structured|legacy |
Specify one among the options as the message format for log events. |
|
status status-string |
Specify the syslog export status. |
|
export-container-logs|no-export-container-logs |
Enable or disable the export of container logs. |
|
export-os-logs|no-export-os-log |
Enable or disable the export of OS logs. |
CLI (network-admin@Leaf1) > admin-syslog-show layout vertical
switch: leaf1
name: log-all
scope: fabric
host: 172.16.21.76
port: 10514
transport: udp
message-format: structured
export-container-logs: off
export-os-logs: off
You can send messages to syslog servers using either RFC5424 (structured) or RFC3164 (legacy) formats. To send syslog messages in a legacy format, add the message-format parameter to admin-syslog-modify command:
CLI (network-admin@Leaf1) > admin-syslog-modify name <name> message-format legacy
You can also modify the port that the service listens on by using the port option in the CLI.
CLI (network-admin@Leaf1) > admin-syslog-modify name <name> port 22
By default, all log messages are sent to syslog servers. Netvisor ONE offers the flexibility of configuring more than one syslog server and sending selective syslog messages to each of them. Filters for forwarding log messages can be created by using the command:
CLI (network-admin@Leaf1) > admin-syslog-match-add
|
admin-syslog-match-add |
Add a syslog event match filter. |
|
syslog-name name-string |
Specify the name of the syslog file. |
|
Specify the following match arguments: |
|
|
name name-string |
Specify a name for the matching scheme. |
|
Specify any of the following options: |
|
|
msg-category event|audit|system|perror|container|os-logs|xact-truncate |
Specify one among the options as the category of the message to match. |
|
msg-program program-string |
Specify the name of the program used to generate the log messages. |
|
msg-name name-string |
Specify the name of the message to match. |
|
msg-code code-number |
Specify the message code to match. |
|
msg-level critical|error|warn|note|info |
Specify one among the options as the severity level to match. By default, all messages are forwarded to the syslog server. |
|
msg-event-type system|port|tcp|stp|igmp|lldp|lacp|vdp|ecp|evb|ptp|storage|tacacs|mld|mroute|vport|lacp-port-event |
Specify the type of event to match. |
|
msg-vnet vnet-name |
Specify the vNET name to match. |
|
msg-remote_switch node-name |
Specify the remote switch to match. |
|
msg-user user-name |
Specify user name to match. |
|
msg-client-addr ip-address |
Specify the client IP address. |
|
msg-port port-number |
Specify the port number to match. |
|
msg-vlan 0..4095 |
Specify the VLAN to match. |
|
msg-bd bridge-domain-name |
Specify the bridge domain to match. |
|
msg-vxlan vxlan-ID |
Specify the VXLAN to match. |
In the absence of a match condition, Netvisor ONE forwards all messages to the syslog server. However, if you configure a match condition, only the messages that match the specified parameters are forwarded. For example:
CLI (network-admin@Leaf1) > admin-syslog-create name to-10.10.10.10 scope fabric host 10.10.10.10 port 10514 message-format structured export-container-logs export-os-logs
CLI (network-admin@Leaf1) > admin-syslog-match-add syslog-name to-10.10.10.10 msg-category event name match-1
The above configuration forwards only event log messages to the syslog server, and all other categories are denied.
To display the configuration, use the admin-syslog-match-show command:
CLI (network-admin@Leaf1) > admin-syslog-match-show
syslog-name msg-category msg-level name
-------------- ------------ --------- -------
to-10.10.10.10 event match-1
Displaying Syslog Information
To view system log information, use the command log-system-show:
|
log-system-show |
Display system log information. |
|
Specify between zero to two of the following options: |
|
|
start-time date/time: yyyy-mm-ddThh:mm:ss |
Specify the start time from which to display the logs. |
|
end-time date/time: yyyy-mm-ddThh:mm:ss |
Specify the end time for the log file. |
|
duration duration: #d#h#m#s |
Specify the duration of the log file. |
|
Specify any of the following parameters to view the information related to those parameters: |
|
|
program program-string |
Specify the program that generates log messages. |
|
pid pid-number |
Specify the product ID generating the log messages. |
|
name name-string |
Specify the message name. |
|
code code-number |
Specify the message code. |
|
level critical|error|warn|note|info |
Specify one among the options as the level of severity. |
|
vnet vnet-name |
Specify the associated VNET. |
|
remote_switch node name |
Specify the name of the remote switch. |
|
client-pid client-pid-number |
Specify the client product ID. |
|
client-addr ip-address |
Specify the client IP address. |
|
port port-number |
Specify the port number. |
|
vlan vlan-id |
Specify the VLAN ID as a value between 2 and 4092. |
|
bd bridge-domain name |
Specify the bridge domain. |
|
vxlan vxlan-id |
Specify the VXLAN ID. |
|
count number 1..50000 |
Specify the number of events to be displayed in a range from 1 to 50000. |
|
starting-point starting-point-number |
Specify the starting point of the log audit. |
|
length length-number |
Specify the length of the log audit. |
|
reverse|no-reverse |
Use this option to enable or disable displaying the messages in reverse order. |
For example:
CLI (network-admin@Leaf1) > log-system-show count 3 layout vertical
category: system
time: 2020-04-13,12:36:00.966426-07:00
name: fabric_node_status
code: 11403
level: note
message: pavo-colo-5: Node status changed to mgmt-only-online
category: system
time: 2020-04-13,12:36:46.462439-07:00
name: congestion_relieved_on_port
code: 11402
level: critical
message: Congestion relieved on port=0
category: system
time: 2020-04-13,12:36:46.509220-07:00
name: congestion_relieved_on_port
code: 11402
level: critical
message: Congestion relieved on port=126
Note: Prior to Netvisor ONE 6.0.0 release, during MAC and IP move, the nvOSd.log file gets flooded with MAC move notifications. Starting from Netvisor ONE version 6.0.0, the MAC and IP move messages are logged in to the system.log file and can be accessed using the log-system-show command. The output of the command is in a summarized format that displays the repetition count instead of printing each message.
Note: Starting from Netvisor ONE version 6.0.1, all system log messages are logged into system.log file. This prevents selective system log messages from being logged into of nvOSd.log or perror.log files.
Displaying Syslog Counters
You can view the number of events that have occurred in the network belonging to the default severity levels by using the log-system-counters-show command:
CLI (network-admin@Leaf1) > log-system-counters-show layout vertical
switch: Leaf1
critical: 0
error: 0
warn: 1061
note: 9
To reset the log counters, issue the log-system-counters-reset command.