Configuring System Message Logging
This chapter describes how to configure system message logging.
This chapter includes the following topics:
•Information About System Message Logging
•System Message Logging Facilities
•Guidelines and Limitations
•Default Settings
•Configuring System Message Logging
•Verifying the System Message Logging Configuration
•System Message Logging Example Configuration
•Additional References
•Feature History for System Message Logging
Information About System Message Logging
You can use system message logging to control the destination and to filter the severity level of messages that system processes generate. You can configure logging to terminal sessions, a log file, and syslog servers on remote systems.
System message logging is based on RFC 3164. For more information about the system message format and the messages that the device generates, see the Cisco NX-OS System Messages Reference.
By default, the device outputs messages to terminal sessions. For information about configuring logging to terminal sessions, see the "Configuring System Message Logging to Terminal Sessions" section.
Table 12-1 describes the severity levels used in system messages. When you configure the severity level, the system outputs messages at that level and lower.
.
Table 12-1 System Message Severity Levels
|
|
0 - emergency |
System unusable |
1 - alert |
Immediate action needed |
2 - critical |
Critical condition |
3 - error |
Error condition |
4 - warning |
Warning condition |
5 - notification |
Normal but significant condition |
6 - informational |
Informational message only |
7 - debugging |
Appears during debugging only |
The device logs the most recent 100 messages of severity 0, 1, or 2.
You can configure which system messages should be logged based on the facility that generated the message and its severity level. For information about facilities, see the "System Message Logging Facilities" section. For information about configuring the severity level by module and facility, see the "Configuring System Message Logging for Modules" section.
syslog servers run on remote systems that are configured to log system messages based on the syslog protocol. You can configure up to three syslog servers. For information about configuring syslog servers, see the "Configuring syslog Servers" section.
Note When the device first initializes, messages are sent to syslog servers only after the network is initialized.
System Message Logging Facilities
Table 12-2 lists the facilities that you can use in system message logging configuration.
Table 12-2 System Message Logging Facilities
|
|
aaa |
AAA manager |
aclmgr |
ACL manager |
adjmgr |
Adjacency Manager |
all |
Keyword that represents all facilities |
arbiter |
Arbiter manager |
arp |
ARP manager |
auth |
Authorization system |
authpriv |
Private authorization system |
bootvar |
Bootvar |
callhome |
Call home manager |
capability |
MIG utilities daemon |
cdp |
CDP manager |
cert-enroll |
Certificate enroll daemon |
cfs |
CFS manager |
clis |
CLIS manager |
cmpproxy |
CMP proxy manager |
copp |
CoPP manager |
core |
Core daemon |
cron |
Cron and at scheduling service |
daemon |
System daemons |
dhcp |
DHCP manager |
diagclient |
GOLD diagnostic client manager |
diagmgr |
GOLD diagnostic manager |
eltm |
ELTM manager |
ethpm |
Ethernet PM manager |
evmc |
EVMC manager |
evms |
EVMS manager |
feature-mgr |
Feature manager |
fs-daemon |
Fs daemon |
ftp |
File transfer system |
glbp |
GLBP manager |
hsrp |
HSRP manager |
im |
IM manager |
ipconf |
IP configuration manager |
ipfib |
IP FIB manager |
kernel |
OS kernel |
l2fm |
L2 FM manager |
l2nac |
L2 NAC manager |
l3vm |
L3 VM manager |
license |
Licensing manager |
local0 |
Local use daemon |
local1 |
Local use daemon |
local2 |
Local use daemon |
local3 |
Local use daemon |
local4 |
Local use daemon |
local5 |
Local use daemon |
local6 |
Local use daemon |
local7 |
Local use daemon |
lpr |
Line printer system |
m6rib |
M6RIB manager |
mail |
Mail system |
mfdm |
MFDM manager |
module |
Module manager |
monitor |
Ethernet SPAN manager |
mrib |
MRIB manager |
mvsh |
MVSH manager |
news |
USENET news |
nf |
NF manager |
ntp |
NTP manag |
otm |
GLBP manager |
pblr |
PBLR manager |
pfstat |
PFSTAT manager |
pixm |
PIXM manager |
pixmc |
PIXMC manager |
pktmgr |
Packet manager |
platform |
Platform manager |
pltfm_config |
PLTFM configuration manager |
plugin |
Plug-in manager |
port-channel |
Port channel manager |
port_client |
Port client manager |
port_lb |
Diagnostic port loopback test manager |
qengine |
Q engine manager |
radius |
RADIUS manager |
res_mgr |
Resource? manager |
rpm |
RPM manager |
security |
Security manager |
session |
Session manager |
spanning-tree |
Spanning tree manager |
syslog |
Internal syslog manager |
sysmgr |
System manager |
tcpudp |
TCP and UDP manager |
u2 |
U2 manager |
u6rib |
U6RIB manager |
ufdm |
UFDM manager |
urib |
URIB manager |
user |
User process |
uucp |
Unix-to-Unix copy system |
vdc_mgr |
VDC manager |
vlan_mgr |
VLAN manager |
vmm |
VMM manager |
vshd |
VSHD manager |
xbar |
XBAR manager |
xbar_client |
XBAR client manager |
xbar_driver |
XBAR driver manager |
xml |
XML agent |
Guidelines and Limitations
System messages are logged to the console and the logfile by default.
Default Settings
Table 12-3 lists the default settings for system message logging.
Table 12-3 System Message Logging Defaults
|
|
Console logging |
Enabled at severity level 2 |
Monitor logging |
Enabled at severity level 5 |
Log file logging |
Enabled to log messages at severity level 5 |
Module logging |
Enabled at severity level 5 |
Facility logging |
Enabled; for severity levels, see the "System Message Logging Facilities" section. |
Time-stamp units |
Seconds |
syslog server logging |
Disabled |
syslog server configuration distribution |
Disabled |
Configuring System Message Logging
This section includes the following topics:
•Configuring System Message Logging to Terminal Sessions
•Restoring System Message Logging Defaults for Terminal Sessions
•Configuring System Message Logging for Modules
•Restoring System Message Logging Defaults for Modules
•Configuring System Message Logging for Facilities
•Restoring System Message Logging Defaults for Facilities
•Configuring syslog Servers
•Restoring System Message Logging Defaults for Servers
•Using a UNIX or Linux System to Configure Logging
•Displaying Log Files
Note Be aware that NX-OS commands may differ from the Cisco IOS commands.
Configuring System Message Logging to Terminal Sessions
Use this procedure to log messages by severity level to console, telnet, and SSH sessions.
BEFORE YOU BEGIN
Before beginning this procedure, you must know or do the following.
•By default, logging is enabled for terminal sessions.
SUMMARY STEPS
1. terminal monitor
2. config t
3. logging console [severity-level]
4. show logging console
5. logging monitor [severity-level]
6. show logging monitor
7. copy running-config startup-config
DETAILED STEPS
|
|
|
Step 1 |
terminal monitor Example: n1000v# terminal monitor n1000v# |
Enables the device to log messages to the console. |
Step 2 |
config t Example: n1000v# config t n1000v(config)# |
Enters global configuration mode. |
Step 3 |
logging console [severity-level] Example: n1000v(config)# logging console 2 n1000v(config)# |
Configures the device to log messages to the console session based on a specified severity level or higher. Severity levels, which can range from 0 to 7, are listed in Table 12-1. If the severity level is not specified, the default of 2 is used. |
Step 4 |
show logging console |
(Optional) Displays the console logging configuration. |
Step 5 |
logging monitor [severity-level] Example: n1000v(config)# logging monitor 3 n1000v(config)# |
Enables the device to log messages to the monitor based on a specified severity level or higher. The configuration applies to telnet and SSH sessions. Severity levels, which can range from 0 to 7, are listed in Table 12-1. If the severity level is not specified, the default of 2 is used. |
Step 6 |
show logging monitor |
(Optional) Displays the monitor logging configuration. |
Step 7 |
copy running-config startup-config Example: n1000v(config)# copy running-config startup-config |
(Optional) Copies the running configuration to the startup configuration. |
Example:
n1000v# terminal monitor
n1000v# config t
n1000v(config)# logging console 2
n1000v(config)# show logging console
Logging console: enabled (Severity: critical)
n1000v(config)# logging monitor 3
n1000v(config)# show logging monitor
Logging monitor: enabled (Severity: errors)
n1000v(config)# copy running-config startup-config
Restoring System Message Logging Defaults for Terminal Sessions
Use the following commands in the CLI Global Configuration mode to restore default settings for system message logging for terminal sessions.
|
|
no logging console [severity-level] Example: n1000v(config)# no logging console n1000v(config)# |
Disables the device from logging messages to the console. |
no logging monitor [severity-level] Example: n1000v(config)# no logging monitor 3 n1000v(config)# |
Disables logging messages to telnet and SSH sessions. |
Configuring System Message Logging for Modules
Use this procedure to configure the severity level and time-stamp units of messages logged by modules.
SUMMARY STEPS
1. config t
2. logging module [severity-level]
3. show logging module
4. logging timestamp {microseconds | milliseconds | seconds}
5. show logging timestamp
6. copy running-config startup-config
DETAILED STEPS
|
|
|
Step 1 |
config t Example: n1000v# config t n1000v(config)# |
Places you into CLI Global Configuration mode. |
Step 2 |
logging module [severity-level] Example: n1000v(config)# logging module 3 |
Enables module log messages that have the specified severity level or higher. Severity levels, which range from 0 to 7, are listed in Table 12-1. If the severity level is not specified, the default of 5 is used. |
Step 3 |
show logging module |
(Optional) Displays the module logging configuration. |
Step 4 |
logging timestamp {microseconds | milliseconds | seconds} Example: n1000v(config)# logging timestamp microseconds |
Sets the logging time-stamp units. The default unit is seconds. |
Step 5 |
show logging timestamp |
(Optional) Displays the logging time-stamp units configured. |
Step 6 |
copy running-config startup-config Example: n1000v(config)# copy running-config startup-config |
(Optional) Copies the running configuration to the startup configuration. |
The following example shows how to configure system message logging for modules.
n1000v# config t
n1000v(config)# logging module 3
n1000v(config)# show logging module
Logging linecard: enabled (Severity: errors)
n1000v(config)# logging timestamp microseconds
n1000v(config)# show logging timestamp
Logging timestamp: Microseconds
n1000v(config)# copy running-config
Restoring System Message Logging Defaults for Modules
Use the following commands in the CLI Global Configuration mode to restore default settings for system message logging for modules.
|
|
no logging module [severity-level] Example: n1000v(config)# no logging module 3 n1000v(config)# |
Restores the default severity level for logging module system messages. |
no logging timestamp {microseconds | milliseconds | seconds} Example: n1000v(config)# no logging timestamp milliseconds |
Resets the logging time-stamp unit to the default (seconds). |
Configuring System Message Logging for Facilities
Use this procedure to configure the severity level and time-stamp units of messages logged by facilities.
SUMMARY STEPS
1. config t
2. logging level facility severity-level
3. show logging level [facility]
4. logging timestamp {microseconds | milliseconds | seconds}
5. show logging timestamp
6. copy running-config startup-config
DETAILED STEPS
|
|
|
Step 1 |
config t Example: n1000v# config t n1000v(config)# |
Places you into CLI Global Configuration mode. |
Step 2 |
logging level facility severity-level Example: n1000v(config)# logging level aaa 3 n1000v(config)# |
Enables logging messages from the specified facility that have the specified severity level or higher. The facilities are listed in the "System Message Logging Facilities" section. Severity levels, which range from 0 to 7, are listed in Table 12-1. To apply the same severity level to all facilities, use the all facility. For defaults, see the show logging level command. |
Step 3 |
show logging level [facility] Example: n1000v(config)# show logging level aaa |
(Optional) Displays the logging level configuration and the system default level by facility. If you do not specify a facility, the device displays levels for all facilities. |
Step 4 |
logging timestamp {microseconds | milliseconds | seconds} Example: n1000v(config)# logging timestamp microseconds |
Sets the logging time-stamp units. The default unit is seconds. |
Step 5 |
show logging timestamp |
(Optional) Displays the logging time-stamp units configured. |
Step 6 |
copy running-config startup-config Example: n1000v(config)# copy running-config startup-config |
(Optional) Copies the running configuration to the startup configuration. |
The following example shows how to configure system message logging for facilities.
n1000v(config)# logging level aaa 3
n1000v(config)# show logging level aaa
Facility Default Severity Current Session Severity
-------- ---------------- ------------------------
0(emergencies) 1(alerts) 2(critical)
3(errors) 4(warnings) 5(notifications)
6(information) 7(debugging)
logging timestamp microseconds
n1000v(config)# show logging timestamp
Logging timestamp: Microseconds
copy running-config startup-config
Restoring System Message Logging Defaults for Facilities
Use the following commands to restore system message logging defaults for facilities.
|
|
no logging level [facility severity-level] Example: n1000v(config)# no logging level aaa 3 n1000v(config)# |
Restores the default logging severity level for the specified facility. If you do not specify a facility and severity level, the device resets all facilities to their default levels. |
no logging timestamp {microseconds | milliseconds | seconds} Example: n1000v(config)# no logging timestamp milliseconds |
Resets the logging time-stamp unit to the default (seconds). |
Configuring syslog Servers
Use this procedure to configure syslog servers for system message logging.
SUMMARY STEPS
1. config t
2. logging server host [severity-level [use_vrf vrf-name]]
3. show logging server
4. copy running-config startup-config
DETAILED STEPS
|
|
|
Step 1 |
config t Example: n1000v# config t n1000v(config)# |
Enters global configuration mode. |
Step 2 |
logging server host [severity-level [use-vrf vrf-name]]
n1000v(config)# logging server 10.10.2.2 7
|
Configures a syslog server at the specified host name or IPv4 or IPv6 address. You can limit logging of messages to a particular VRF by using the use_vrf keyword. Severity levels, which range from 0 to 7, are listed in Table 12-1. The default outgoing facility is local7. The example forwards all messages on facility local 7. |
Step 3 |
show logging server Example: n1000v(config)# show logging server
server severity: debugging
server facility: local7 |
(Optional) Displays the syslog server configuration. |
Step 4 |
copy running-config startup-config Example: n1000v(config)# copy running-config startup-config |
(Optional) Copies the running configuration to the startup configuration. |
Restoring System Message Logging Defaults for Servers
Use the following command to restore server system message logging default.
|
|
no logging server host Example: n1000v(config)# no logging server host |
Removes the logging server for the specified host. |
Using a UNIX or Linux System to Configure Logging
Use this procedure on a UNIX or Linux system to configure message logging.
BEFORE YOU BEGIN
Before you begin this procedure, you must know or do the following:
•The following are the UNIX or Linux fields to configure for syslog:
|
|
Facility |
Creator of the message, which can be auth, authpriv, cron, daemon, kern, lpr, mail, mark, news, syslog, user, local0 through local7, or an asterisk (*) for all. These facility designators allow you to control the destination of messages based on their origin. Note Check your configuration before using a local facility. |
Level |
Minimum severity level at which messages are logged, which can be debug, info, notice, warning, err, crit, alert, emerg, or an asterisk (*) for all. You can use none to disable a facility. |
Action |
Destination for messages, which can be a filename, a host name preceded by the at sign (@), or a comma-separated list of users or an asterisk (*) for all logged-in users. |
.
DETAILED STEPS
Step 1 On the UNIX or Linux system, add the following line to the file, /var/log/myfile.log:
facility.level <five tab characters> action
debug.local7 /var/log/myfile.log
Step 2 Create the log file by entering these commands at the shell prompt:
$ touch /var/log/myfile.log
$ chmod 666 /var/log/myfile.log
Step 3 Make sure the system message logging daemon reads the new changes by checking myfile.log after entering this command:
$ kill -HUP ~cat /etc/syslog.pid~
Displaying Log Files
Use this procedure to display messages in the log file.
SUMMARY STEPS
1. show logging last number-lines
DETAILED STEPS
|
|
|
Step 1 |
show logging last number-lines |
Displays the last number of lines in the logging file. You can specify from 1 to 9999 for the last number of lines. |
The following example shows the last five lines in the logging file.
n1000v# show logging last 5
2008 Aug 31 09:37:04 CP-beta2 %KERN-3-SYSTEM_MSG: packet_recvms
g: truncated packet (size=1514 left=1500) - kernel
2008 Aug 31 09:37:04 CP-beta2 %KERN-3-SYSTEM_MSG: packet_recvms
g: truncated packet (size=1514 left=1500) - kernel
2008 Aug 31 09:37:05 CP-beta2 %KERN-3-SYSTEM_MSG: packet_recvms
g: truncated packet (size=1514 left=1500) - kernel
2008 Aug 31 09:37:05 CP-beta2 %KERN-3-SYSTEM_MSG: packet_recvms
g: truncated packet (size=1514 left=1500) - kernel
2008 Aug 31 09:37:05 CP-beta2 %KERN-3-SYSTEM_MSG: packet_recvms
g: truncated packet (size=1514 left=1500) - kernel
Verifying the System Message Logging Configuration
To verify the system message logging configuration, use one of the following commands:
|
|
show logging console |
Displays the console logging configuration. See Example 12-1 |
show logging info |
Displays the logging configuration. See Example 12-2 |
show logging last number-lines |
Displays the last number of lines of the log file. See Example 12-3 |
show logging level [facility] |
Displays the facility logging severity level configuration. See Example 12-4 |
show logging module |
Displays the module logging configuration. See Example 12-5 |
show logging monitor |
Displays the monitor logging configuration. See Example 12-6 |
show logging server |
Displays the syslog server configuration. See Example 12-7 |
show logging session |
Displays the logging session status. See Example 12-8 |
show logging status |
Displays the logging status. See Example 12-9 |
show logging timestamp |
Displays the logging time-stamp units configuration. See Example 12-10 |
Example 12-1 show logging console
n1000v# show logging console
Logging console: disabled
Example 12-2 show logging info
n1000v# show logging info
Logging console: enabled (Severity: critical)
Logging monitor: enabled (Severity: notifications)
Logging linecard: enabled (Severity: notifications)
Logging timestamp: Seconds
Name - g/external/messages: Severity - notifications Size - 4194304
Facility Default Severity Current Session Severity
-------- ---------------- ------------------------
0(emergencies) 1(alerts) 2(critical)
3(errors) 4(warnings) 5(notifications)
6(information) 7(debugging)
Example 12-3 show logging last
n1000v# show logging last 5
2008 Jul 29 17:52:42 S22-DCOS %ETHPORT-5-IF_UP: Interface Ethernet2/5 is up in mode access
2008 Jul 29 17:52:43 S22-DCOS %ETHPORT-5-IF_UP: Interface Ethernet2/2 is up in mode trunk
2008 Jul 29 17:52:43 S22-DCOS %ETHPORT-5-IF_UP: Interface Ethernet2/4 is up in mode access
2008 Jul 29 17:53:04 S22-DCOS %SYSMGR-3-BASIC_TRACE: process_cfg_write: PID 1858 with message rcvd cfg_action from
sap 0x545 for vdc 1 at time 1217353984 .
2008 Jul 29 17:53:04 S22-DCOS clis[2558]: CLI-3-NVDB: Batched send failed for component: clic
Example 12-4 show logging level aaa
n1000v# show logging level aaa
Facility Default Severity Current Session Severity
-------- ---------------- ------------------------
0(emergencies) 1(alerts) 2(critical)
3(errors) 4(warnings) 5(notifications)
6(information) 7(debugging)
Example 12-5 show logging module
n1000v# show logging module
Logging linecard: enabled (Severity: notifications)
Example 12-6 show logging monitor
n1000v# show logging monitor
Logging monitor: enabled (Severity: errors)
Example 12-7 show logging server
n1000v# show logging server
server severity: debugging
server facility: local7
n1000v#
Example 12-8 show logging session status
n1000v# show logging session status
Last Action Time Stamp : Fri Nov 18 11:28:55 1910
Last Action : Distribution Enable
Last Action Result : Success
Last Action Failure Reason : none
Example 12-9 show logging status
n1000v# show logging status
Fabric Distribute : Enabled
Example 12-10 show logging timestamp
n1000v# show logging timestamp
Logging timestamp: Seconds
System Message Logging Example Configuration
The following example shows how to configure system message logging:
logging timestamp milliseconds
logging server 172.28.254.253
logging server 172.28.254.254 5 local3
copy running-config startup-config
Additional References
For additional information related to implementing system message logging, see the following sections:
•Related Documents
•Standards
Related Documents
|
|
System messages |
Cisco NX-OS System Messages Reference |
Complete command syntax, command modes, command history, defaults, usage guidelines, and examples |
Cisco Nexus 1000V Command Reference, Release 4.2(1)SV1(4a) |
Standards
|
|
No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature. |
— |
Feature History for System Message Logging
This section provides the system message logging feature release history.
|
|
|
System Message Logging |
4.0(4)SV1(1) |
This feature was introduced. |