Configuring System Logging


Netvisor ONE allows you to send log messages to syslog servers over a UDP session or a TCP session with TLS encryption. By default, the messages are sent to syslog servers through UDP.


CLI (network-admin@Leaf1) > admin-syslog-create

admin-syslog-create

Use this command to configure syslog parameters.

Specify the following options:


name name-string

Specify the name for the syslog configuration.

scope local|fabric

Specify one among the options the scope of the syslog.

host host-string

Specify the host name.

port port-number

Specify the host port number.

transport tcp-tls|udp

Specify TCP with TLS or UDP as the transport protocol for log events. UDP is used by default.

message-format structured|legacy

Specify one among the options as the message format for log events.

export-container-logs|no-export-container-logs

Enable or disable the export of container logs.

export-os-logs|no-export-os-log

Enable or disable the export of OS logs.


For example, to configure the switch to send all log messages to a syslog server with an IP address of 172.16.21.67 through port 10514, use the following command:


CLI (network-admin@Leaf1) > admin-syslog-create name <name> scope fabric host 172.16.21.76 port 10514 message-format structured


To display the configuration, use the admin-syslog-show command:


CLI (network-admin@Leaf1) > admin-syslog-show

admin-syslog-show

Use this command to view the syslog configuration.

Specify the following options:


name name-string

Specify the name of the syslog.

scope local|fabric

Specify the scope of the syslog.

host host-string

Specify the host name.

port port-number

Specify the host port number.

transport tcp-tls|udp

Specify TCP with TLS or UDP as the transport protocol for log events.

message-format structured|legacy

Specify one among the options as the message format for log events.

status status-string

Specify the syslog export status.

export-container-logs|no-export-container-logs

Enable or disable the export of container logs.

export-os-logs|no-export-os-log

Enable or disable the export of OS logs.


CLI (network-admin@Leaf1) > admin-syslog-show layout vertical

switch:                leaf1

name:                  log-all

scope:                 fabric

host:                  172.16.21.76

port:                  10514

transport:             udp

message-format:        structured

export-container-logs: off

export-os-logs:        off

 

You can send messages to syslog servers using either RFC5424 (structured) or RFC3164 (legacy) formats. To send syslog messages in a legacy format, add the message-format parameter to admin-syslog-modify command:

 

CLI (network-admin@Leaf1) > admin-syslog-modify name <name> message-format legacy

 

You can also modify the port that the service listens on by using the port option in the CLI.


CLI (network-admin@Leaf1) > admin-syslog-modify name <name> port 22


By default, all log messages are sent to syslog servers. Netvisor ONE offers the flexibility of configuring more than one syslog server and sending selective syslog messages to each of them. Filters for forwarding log messages can be created by using the command:


CLI (network-admin@Leaf1) > admin-syslog-match-add


admin-syslog-match-add

Add a syslog event match filter.

syslog-name name-string

Specify the name of the syslog file.

Specify the following match arguments:

name name-string

Specify a name for the matching scheme.

Specify any of the following options:

msg-category event|audit|system|perror|container|os-logs|xact-truncate

Specify one among the options as the category of the message to match.

msg-program program-string

Specify the name of the program used to generate the log messages.

msg-name name-string

Specify the name of the message to match.

msg-code code-number

Specify the message code to match.

msg-level critical|error|warn|note|info

Specify one among the options as the severity level to match. 

By default, all messages are forwarded to the syslog server.

msg-event-type system|port|tcp|stp|igmp|lldp|lacp|vdp|ecp|evb|ptp|storage|tacacs|mld|mroute|vport|lacp-port-event

Specify the type of event to match.

msg-vnet vnet-name

Specify the vNET name to match.

msg-remote_switch node-name

Specify the remote switch to match.

msg-user user-name

Specify user name to match.

msg-client-addr ip-address

Specify the client IP address.

msg-port port-number

Specify the port number to match.

msg-vlan 0..4095

Specify the VLAN to match.

msg-bd bridge-domain-name

Specify the bridge domain to match.

msg-vxlan vxlan-ID

Specify the VXLAN to match.


In the absence of a match condition, Netvisor ONE forwards all messages to the syslog server. However, if you configure a match condition, only the messages that match the specified parameters are forwarded. For example:


CLI (network-admin@Leaf1) > admin-syslog-create name to-10.10.10.10 scope fabric host 10.10.10.10 port 10514 message-format structured export-container-logs export-os-logs


CLI (network-admin@Leaf1) > admin-syslog-match-add syslog-name to-10.10.10.10 msg-category event name match-1


The above configuration forwards only event log messages to the syslog server, and all other categories are denied.


To display the configuration, use the admin-syslog-match-show command:

 

CLI (network-admin@Leaf1) > admin-syslog-match-show

syslog-name    msg-category msg-level name    

-------------- ------------ --------- -------

to-10.10.10.10 event                  match-1

 

Displaying Syslog Information


To view system log information, use the command log-system-show:


log-system-show

Display system log information.

Specify between zero to two of the following options:


start-time date/time: yyyy-mm-ddThh:mm:ss

Specify the start time from which to display the logs.

end-time date/time: yyyy-mm-ddThh:mm:ss

Specify the end time for the log file.

duration duration: #d#h#m#s

Specify the duration of the log file.

Specify any of the following parameters to view the information related to those parameters:

program program-string

Specify the program that generates log messages.

pid pid-number

Specify the product ID generating the log messages.

name name-string

Specify the message name.

code code-number

Specify the message code.

level critical|error|warn|note|info

Specify one among the options as the level of severity.

vnet vnet-name

Specify the associated VNET.

remote_switch node name

Specify the name of the remote switch.

client-pid client-pid-number

Specify the client product ID.

client-addr ip-address

Specify the client IP address.

port port-number

Specify the port number.

vlan vlan-id

Specify the VLAN ID as a value between 2 and 4092.

bd bridge-domain name

Specify the bridge domain.

vxlan vxlan-id

Specify the VXLAN ID.

count number 1..50000

Specify the number of events to be displayed in a range from 1 to 50000.

starting-point starting-point-number

Specify the starting point of the log audit.

length length-number

Specify the length of the log audit.

reverse|no-reverse

Use this option to enable or disable displaying the messages in reverse order.


For example:

CLI (network-admin@Leaf1) > log-system-show count 3 layout vertical

category:         system

time:             2020-04-13,12:36:00.966426-07:00

name:             fabric_node_status

code:             11403

level:            note

message:          pavo-colo-5: Node status changed to mgmt-only-online

category:         system

time:             2020-04-13,12:36:46.462439-07:00

name:             congestion_relieved_on_port

code:             11402

level:            critical

message:          Congestion relieved on port=0

category:         system

time:             2020-04-13,12:36:46.509220-07:00

name:             congestion_relieved_on_port

code:             11402

level:            critical

message:          Congestion relieved on port=126


Note: Prior to Netvisor ONE 6.0.0 release, during MAC and IP move, the nvOSd.log file gets flooded with MAC move notifications. Starting from Netvisor ONE version 6.0.0, the MAC and IP move messages are logged in to the system.log file and can be accessed using the log-system-show command. The output of the command is in a summarized format that displays the repetition count instead of printing each message.


Note: Starting from Netvisor ONE version 6.0.1, all system log messages are logged into system.log file. This prevents selective system log messages from being logged into of nvOSd.log or perror.log files.


Displaying Syslog Counters


You can view the number of events that have occurred in the network belonging to the default severity levels by using the log-system-counters-show command:


CLI (network-admin@Leaf1) > log-system-counters-show layout vertical

switch:       Leaf1

critical:     0

error:        0

warn:         1061

note:         9

 

To reset the log counters, issue the log-system-counters-reset command.


north
    keyboard_arrow_up
    keyboard_arrow_down
    description
    print
    feedback
    support
    business
    rss_feed
    south