System Logs


Note


To achieve simplification and consistency, the Cisco SD-WAN solution has been rebranded as Cisco Catalyst SD-WAN. In addition, from Cisco IOS XE SD-WAN Release 17.12.1a and Cisco Catalyst SD-WAN Release 20.12.1, the following component changes are applicable: Cisco vManage to Cisco Catalyst SD-WAN Manager, Cisco vAnalytics to Cisco Catalyst SD-WAN Analytics, Cisco vBond to Cisco Catalyst SD-WAN Validator, and Cisco vSmart to Cisco Catalyst SD-WAN Controller. See the latest Release Notes for a comprehensive list of all the component brand name changes. While we transition to the new names, some inconsistencies might be present in the documentation set because of a phased approach to the user interface updates of the software product.


System Logs

Table 1. Feature History

Feature Name

Release Information

Description

System Log Support

Cisco Catalyst SD-WAN Manager Release 20.12.1

Cisco IOS CG Release 17.12.1

Added support for saving system log files locally and on remote servers. System log information is useful for monitoring or troubleshooting Cisco Catalyst Wireless Gateways.

Information About System Logs

Minimum software releases: Cisco Catalyst SD-WAN Manager Release 20.12.1, Cisco IOS CG Release 17.12.1

Cisco Catalyst Wireless Gateways generate system log messages that provide information about system activities. To save and access log message files, you can do the following:

  • Configure how much space to allocate in a device's system storage to store log files.

  • Configure a rotation value, which determines how many log files to save locally.

  • Configure devices to store their log message files on a remote server.

Administrators can access the local or remotely stored log messages to monitor Cisco Catalyst Wireless Gateway devices or to troubleshoot device issues.

Prerequisites for Saving System Logs

Prerequisite

Description

Remote server requires Linux

For the remote server that saves system log files, use a Linux-based server.

Remote server requires a syslog package

To support system logs, install the syslog-ng-core Linux package on the remote server.

Restrictions for Saving System Logs

Restriction

Description

Remote server down

If you configure a Cisco Catalyst Wireless Gateway device to save system log files to a remote server, the device is unable to check whether the remote server is active or down. If the device attempts to save a system log file to a server and the server is down, the log information may be lost.

Configure a Device to Save System Logs

Before You Begin

This procedure requires a configuration group that applies to Cisco Catalyst Wireless Gateways. On the Configuration Groups page in Cisco SD-WAN Manager, configuration groups for Cisco Catalyst Wireless Gateways show mobility in the Device Solution field.

Configure a Device to Save System Logs

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Configuration Groups.

  2. Click adjacent to a configuration group for a Cisco Catalyst Wireless Gateway (marked mobility) and choose Edit.

  3. Click Global Profile to show the configured features of the Global Profile.

  4. If Logging does not already appear as a configured feature, click Add Global Profile Feature, and choose Logging. If a Logging feature has already been added, click adjacent to the Logging feature and choose Edit Feature.

  5. For the Logging feature, configure the following fields:

    Field

    Description

    Name

    Name of the Logging feature configuration.

    Description

    (Optional) Description of the Logging feature configuration.

    Max File Size (in Megabytes)

    Maximum file size for each log file that a Cisco Catalyst Wireless Gateway device stores locally. After reaching the maximum size, the device creates a new log file, with a numerically sequenced filename.

    The device stores the first log file locally with the filename, "messages". After it reaches the maximum file size, it creates new log files using the following filename format:

    messages.number

    Default: 10

    Range: 1 through 20

    Examples:

    messages
    messages.1
    messages.2

    Rotations

    Maximum number of log files to store locally.

    After the maximum number of log files is stored, the next log file that the device saves overwrites the oldest log file.

    For example, if you configure 3 rotations, the device first saves a log file called messages. When the messages file reaches the maximum file size, the device creates a file called messages.1 to continue saving log messages. When messages.1 reaches its maximum size, the device creates a new message file called messages.2. When messages.2 reaches its maximum size and the device needs to create a new file, the device deletes the original messages file (which is the oldest) and begins writing a file called messages.3.

    Default: 10

    Range: 1 through 10

    Add Server

    (in the Server area)

    (Optional) Configure up to four servers on which to save log message files remotely.

    When you click Add Server, the Add Server pop-up window appears. The fields in the pop-up window are described below.

    The log message file size is limited only by the file system of the server, and is not determined by the Max File Size field described above.

    Devices save the log message file using the hostname of the device itself in the server’s /var/log directory, in the following format:

    hostname.log

    Example (for a Cisco Catalyst Wireless Gateway device with hostname cwg100):

    /var/log/cwg100.log

    Hostname/IP Address

    (in the Add Server pop-up window)

    Hostname or IP address of the server.

    Priority

    (in the Add Server pop-up window)

    Filter the type of log messages saved using one of the following priority options, listed from lowest to highest priority.

    Each priority option configures the device to save log messages of that priority and all higher priorities. For example, information is the lowest priority of message, so choosing information includes information log messages and all other log messages too.

    Choosing error excludes information, notice, and warn log messages, but includes error messages and all other log messages of higher priority (critical, alert, and emergency).

    From lowest to highest priority, the options are the following:

    • information

    • notice

    • warn

    • error

    • critical

    • alert

    • emergency

    Source IP

    (in the Add Server pop-up window)

    Choose one of the following:

    • System IP: (Default) For system log messages that include the system IP address of the Cisco Catalyst Wireless Gateway device, the log message uses the default system IP address of the device. The system IP address is the unique address that you assign to the device when onboarding to Cisco SD-WAN Manager. We recommend using this option.

    • Device Specific IP: For system log messages that include the device-specific IP address of the Cisco Catalyst Wireless Gateway device, the log message uses a manually configured custom IP address of the device. The device-specific IP is a unique IP address manually configured for each device.

      The workflow is as follows:

      1. Choose the Device Specific IP option.

      2. When you apply the configuration group to one or more Cisco Catalyst Wireless Gateway devices, Cisco SD-WAN Manager prompts you for a device-specific IP address for each device. Each device creates a loopback interface using the device-specific IP address that you have entered. This address then appears in system log messages for the device.