There are five types of logs that can be configured and viewed on the system:

Important

Not all Event Logs can be configured on all products. Configurability depends on the hardware platform and licenses in use.

• Event: Event logging can be used to determine system status and capture important information pertaining to protocols and tasks in use by the system. This is a global function that will be applied to all contexts, sessions, and processes.

• Active: Active logs are operator configurable on a CLI instance-by-CLI instance basis. Active logs that are configured by an administrative user in one CLI instance cannot be viewed by an administrative user in a different CLI instance. Each active log can be configured with filter and display properties that are independent of those configured globally for the system. Active logs are displayed in real time as events are generated.

• Trace: Trace logging can be used to quickly isolate issues that may arise for a particular connected subscriber session. Traces can be taken for a specific call identification (callid) number, IP address, mobile station identification (MSID) number, or username.

• Monitor: Monitor logging records all activity associated with a particular session. This functionality is available in order to comply with law enforcement agency requirements for monitoring capabilities of particular subscribers. Monitors can be performed based on a subscriber's MSID or username.

• Crash: Crash logging stores useful information pertaining to system software crashes. This information is useful in determining the cause of the crash.

Important

Stateful Firewall and NAT supports logging of various messages on screen if logging is enabled for firewall. These logs provide detailed messages at various levels, like critical, error, warning, and debug. Stateful Firewall and NAT attack logs also provide information on the source IP address, destination IP address, protocol, or attack type for any packet dropped due to an attack and are also sent to a syslog server if configured in the system. For more information on logging support for Stateful Firewall and NAT, see the Logging Support chapter of PSF Administration Guide or NAT Administration Guide.

The system can be configured to generate logs based on user-defined filters. The filters specify the facilities (system tasks or protocols) that the system is to monitor and severity levels at which to trigger the generation of the event entries.

Event logs are stored in system memory and can be viewed via the CLI. There are two memory buffers that store event logging information. The first buffer stores the active log information. The second buffer stores inactive logging information. The inactive buffer is used as a temporary repository to allow you to view logs without having data be overwritten. Logs are copied to the inactive buffer only through manual intervention.

Each buffer can store up to 50,000 events. Once these buffers reach their capacity, the oldest information is removed to make room for the newest.

To prevent the loss of log data, the system can be configured to transmit logs to a syslog server over a network interface.

Active logs are event logs that are operator configurable on a CLI instance-by-CLI instance basis. Active logs configured by an administrative user in one CLI instance are not displayed to an administrative user in a different CLI instance. Each active log can be configured with filter and display properties that are independent of those configured globally for the system. Active logs are displayed in real time as they are generated.

Active logs are not written to the active memory buffer by default. To write active logs to the active memory buffer execute the following command in the Global Configuration mode:

logging runtime buffer store all-events 

When active logs are written to the active memory buffer, they are available to all users in all CLI instances.

Use the following example to configure active logging in Global Configuration mode:

logging filter runtime facility facility level report_level 

NOTES:

• Configure the logging filter that determines which system facilities should be logged and at what levels.

• Repeat for every facility that you want to log.

• Optional: Configure event ID restrictions by adding the logging disable eventid command. The system provides the ability to restrict the sending of a specific event ID or a range of event IDs to minimize the amount of data logged to that which is most useful. Repeat to disable logging for more event IDs or event ID ranges.

Once all the necessary information has been gathered, the Active log display can be stopped by entering the following command in the EXEC mode:

no logging active 

The following facilities can be configured for logging event data:

• a10: A10 interface facility

• a11: A11 interface facility

• a11mgr: A11 Manager facility

• aaa-client: Authentication, Authorization and Accounting (AAA) client facility

• aaamgr: AAA manager logging facility

• aaaproxy: AAA Proxy facility

• aal2: ATM Adaptation Layer 2 (AAL2) protocol logging facility

• acl-log: Access Control List (ACL) logging facility

• acsctrl: Active Charging Service (ACS) Controller facility

• acsmgr: ACS Manager facility

• afctrl: Fabric Controller facility [ASR 5500 only]

• afmgr: Fabric Manager logging facility [ASR 5500 only]

• alarmctrl: Alarm Controller facility

• alcap: Access Link Control Application Part (ALCAP) protocol logging facility

• alcapmgr: ALCAP manager logging facility

• all: All facilities

• bfd: Bidirectional Forwarding Detection (BFD) protocol logging facility

• bgp: Border Gateway Protocol (BGP) facility

• bindmux: IPCF BindMux-Demux Manager logging facility

• bngmgr: Broadband Network Gateway (BNG) Demux Manager logging facility

• bssap+: Base Station Sub-system Application Part+ protocol facility for the login interface between the SGSN and the MSC/VLR (2.5G and 3G)

• bssgp: Base Station Sub-system GPRS Protocol logging facility handles exchange information between the SGSN and the BSS (2.5G only)

• callhome: Call Home application logging facility

• cap: CAMEL Application Part (CAP) logging facility for protocol used in prepaid applications (2.5G and 3G)

• cbsmgr: Cell Broadcasting Service (CBS) logging facility [HNBGW]

• cdf: Charging Data Function (CDF) logging facility

• cfctrl: Content filtering controller logging facility

• cfmgr: Content filtering manager logging facility

• cgw: Converged Access Gateway (CGW) logging facility

• cli: Command Line Interface (CLI) logging facility

• cmp: Certificate Management Protocol (IPSec) logging facility

• confdmgr: ConfD Manager proclet (NETCONF) logging facility

• connectedapps: SecGW ASR 9000 oneP communication procotol

• connproxy: Controller Proxy logging facility

• credit-control: Credit Control (CC) facility

• csp: Card/Slot/Port controller facility

• css: Content Service Selection (CSS) facility

• css-sig: CSS RADIUS Signaling facility

• cx-diameter: Cx Diameter Messages facility [CSCF <--> HSS]

• data-mgr: Data Manager Framework logging facility

• dcardctrl: IPSec Daughter Card Controller logging facility

• dcardmgr: IPSec Daughter Card Manager logging facility

• demuxmgr: Demux Manager API facility

• dgmbmgr: Diameter Gmb Application Manager logging facility

• dhcp: Dynamic Host Configuration Protocol (DHCP) logging facility

• dhcpv6: DHCPv6

• dhost: Distributed Host logging facility

• diabase: Diabase messages facility

• diactrl: Diameter Controller proclet logging facility

• diameter: Diameter endpoint logging facility

• diameter-acct: Diameter Accounting

• diameter-auth: Diameter Authentication

• diameter-dns: Diameter DNS subsystem

• diameter-ecs: ACS Diameter signaling facility

• diameter-engine: Diameter version2 engine logging facility

• diameter-hdd: Diameter Horizontal Directional Drilling (HDD) Interface facility

• diameter-svc: Diameter Service

• diamproxy: DiamProxy logging facility

• doulosuemgr: Doulos (IMS-IPSec-Tool) user equipment manager

• dpath: IPSec Data Path logging facility

• drvctrl: Driver Controller logging facility

• eap-diameter: Extensible Authentication Protocol (EAP) IP Sec urity facility

• eap-ipsec: Extensible Authentication Protocol (EAP) IPSec facility

• eap-sta-s6a-s13-s6b-diameter: EAP/STA/S6A/S13/S6B Diameter messages facility

• ecs-css: ACSMGR <-> Session Manager Signalling Interface facility

• egtpc: eGTP-C logging facility

• egtpmgr: enhanced GPRS Tunneling Protocol (eGTP) manager logging facility

• egtpu: eGTP-U logging facility

• embms: evolved Multimedia Broadcast Multicast Services Gateway facility

• embms: eMBMS Gateway Demux facility

• epdg: evolved Packet Data (ePDG) gateway logging facility

• event-notif: Event Notification Interface logging facility

• evlog: Event log facility

• famgr: Foreign Agent manager logging facility

• firewall: Firewall logging facility

• fng: Femto Network Gateway (FNG) logging facility

• gbmgr: SGSN Gb Interface Manager facility

• gmm:

  • For 2.5G: Logs the GPRS Mobility Management (GMM) layer (above LLC layer)

  • For 3G: Logs the access application layer (above the RANAP layer)

• gprs-app: GPRS Application logging facility

• gprs-ns: GPRS Network Service Protocol (layer between SGSN and the BSS) logging facility

• gq-rx-tx-diameter: Gq/Rx/Tx Diameter messages facility

• gss-gcdr: GTPP Storage Server GCDR facility

• gtpc: GTP-C protocol logging facility

• gtpcmgr: GTP-C protocol manager logging facility

• gtpp: GTP-prime protocol logging facility

• gtpu: GTP-U protocol logging facility

• gtpumgr: GTP-U Demux manager

• gx-ty-diameter: Gx/Ty Diameter messages facility

• gy-diameter: Gy Diameter messages facility

• h248prt: H.248 port manager facility

• hamgr: Home Agent manager logging facility

• hat: High Availability Task (HAT) process facility

• hdctrl: HD Controller logging facility

• henbapp: Home Evolved NodeB (HENB) App facility

• henbgw: HENB-GW facility

• henbgw-pws: HENB-GW Public Warning System logging facility

• henbgw-sctp-acs: HENB-GW access Stream Control Transmission Protocol (SCTP) facility

• henbgw-sctp-nw: HENBGW network SCTP facility

• henbgwdemux: HENB-GW Demux facility

• henbgwmgr: HENB-GW Manager facility

• hnb-gw: HNB-GW (3G Femto GW) logging facility

• hnbmgr: HNB-GW Demux Manager logging facility

• hss-peer-service: Home Subscriber Server (HSS) Peer Service facility

• iftask: Internal Forwarder Task (Intel DPDK) used on VPC-SI and VPC-DI platforms

• igmp: Internet Group Management Protocol (IGMP)

• ikev2: Internet Key Exchange version 2 (IKEv2)

• ims-authorizatn: IP Multimedia Subsystem (IMS) Authorization Service facility

• ims-sh: HSS Diameter Sh Interface Service facility

• imsimgr: SGSN IMSI Manager facility

• imsue: IMS User Equipment (IMSUE) facility

• ip-arp: IP Address Resolution Protocol facility

• ip-interface: IP interface facility

• ip-route: IP route facility

• ipms: Intelligent Packet Monitoring System (IPMS) logging facility

• ipne: IP Network Enabler (IPNE) facility

• ipsec: IP Security logging facility

• ipsecdemux: IPSec demux logging facility

• ipsg: IP Service Gateway interface logging facility

• ipsgmgr: IP Services Gateway facility

• ipsp: IP Pool Sharing Protocol logging facility

• kvstore: Key/Value Store (KVSTORE) Store facility

• l2tp-control: Layer 2 Tunneling Protocol (L2TP) control logging facility

• l2tp-data: L2TP data logging facility

• l2tpdemux: L2TP Demux Manager logging facility

• l2tpmgr: L2TP Manager logging facility

• lagmgr: Link Aggregation Group (LAG) manager logging facility

• lcs: Location Services (LCS) logging facility

• ldap: Lightweight Directory Access Protocol (LDAP) messages logging facility

• li: Refer to the Lawful Intercept Configuration Guide for a description of this command.

• linkmgr: SGSN/BSS SS7 Link Manager logging facility (2.5G only)

• llc: Logical Link Control (LLC) Protocol logging facility; for SGSN: logs the LLC layer between the GMM and the BSSGP layers for logical links between the MS and the SGSN

• local-policy: Local Policy Service facility

• location-service: Location Services facility

• m3ap: M3 Application Protocol facility

• m3ua: M3UA Protocol logging facility

• magmgr: Mobile Access Gateway manager logging facility

• map: Mobile Application Part (MAP) protocol logging facility

• megadiammgr: MegaDiameter Manager (SLF Service) logging facility

• mme-app: Mobility Management Entity (MME) Application logging facility

• mme-embms: MME evolved Multimedia Broadcast Multicast Service facility

• mme-misc: MME miscellaneous logging facility

• mmedemux: MME Demux Manager logging facility

• mmemgr: MME Manager facility

• mmgr: Master Manager logging facility

• mobile-ip: Mobile IP processes

• mobile-ip-data: Mobile IP data facility

• mobile-ipv6: Mobile IPv6 logging facility

• mpls: Multiprotocol Label Switching (MPLS) protocol logging facility

• mrme: Multi Radio Mobility Entity (MRME) logging facility

• mseg-app: Mobile Services Edge Gateway (MSEG) application logging facility

• mseg-gtpc: MSEG GTP-C application logging facility

• mseg-gtpu: MSEG GTP-U application logging facility

• msegmgr: MSEG Demux Manager logging facility

• mtp2: Message Transfer Part 2 (MTP2) Service logging facility

• mtp3: Message Transfer Part 3 (MTP3) Protocol logging facility

• multicast-proxy: Multicast Proxy logging facility

• nas: Non-Access Stratum (NAS) protocol logging facility [MME 4G]

• netwstrg: Network Storage facility

• npuctrl: Network Processor Unit Control facility

• npudrv: Network Processor Unit Driver facility [ASR 5500 only]

• npumgr: Network Processor Unit Manager facility

• npumgr-acl: NPUMGR ACL logging facility

• npumgr-drv: NPUMGR DRV logging facility

• npumgr-flow: NPUMGR FLOW logging facility

• npumgr-fwd: NPUMGR FWD logging facility

• npumgr-init: NPUMGR INIT logging facility

• npumgr-lc: NPUMGR LC logging facility

• npumgr-port: NPUMGR PORT logging facility

• npumgr-recovery: NPUMGR RECOVERY logging facility

• npumgr-rri: NPUMGR RRI (Reverse Route Injection) logging facility

• npumgr-vpn: NPUMGR VPN logging facility

• npusim: NPUSIM logging facility [ASR 5500 only]

• ocsp: Online Certificate Status Protocol logging facility.

• orbs: Object Request Broker System logging facility

• ospf: OSPF protocol logging facility

• ospfv3: OSPFv3 protocol logging facility

• p2p: Peer-to-Peer Detection logging facility

• pagingmgr: PAGINGMGR logging facility

• pccmgr: Intelligent Policy Control Function (IPCF) Policy Charging and Control (PCC) Manager library

• pdg: Packet Data Gateway (PDG) logging facility

• pdgdmgr: PDG Demux Manager logging facility

• pdif: Packet Data Interworking Function (PDIF) logging facility

• pgw: Packet Data Network Gateway (PGW) logging facility

• pmm-app: Packet Mobility Management (PMM) application logging facility

• ppp: Point-To-Point Protocol (PPP) link and packet facilities

• pppoe: PPP over Ethernet logging facility

• proclet-map-frwk: Proclet mapping framework logging facility

• push: VPNMGR CDR push logging facility

• radius-acct: RADIUS accounting logging facility

• radius-auth: RADIUS authentication logging facility

• radius-coa: RADIUS change of authorization and radius disconnect

• ranap: Radio Access Network Application Part (RANAP) Protocol facility logging info flow between SGSN and RNS (3G)

• rct: Recovery Control Task logging facility

• rdt: Redirect Task logging facility

• resmgr: Resource Manager logging facility

• rf-diameter: Diameter Rf interface messages facility

• rip: Routing Information Protocol (RIP) logging facility [RIP is not supported at this time.]

• rlf: Rate Limiting Function (RLF) logging facility

• rohc: Robust Header Compression (RoHC) facility

• rsvp: Reservation Protocol logging facility

• rua: RANAP User Adaptation (RUA) [3G Femto GW - RUA messages] logging facility

• s102: S102 protocol logging facility

• s102mgr: S102Mgr logging facility

• s1ap: S1 Application Protocol (S1AP) Protocol logging facility

• sabp: Service Area Broadcast Protocol (SABP) logging facility

• saegw: System Architecture Evolution (SAE) Gateway facility

• sbc: SBc protocol logging facility

• sccp: Signalling Connection Control Part (SCCP) Protocol logging (connection-oriented messages between RANAP and TCAP layers).

• sct: Shared Configuration Task logging facility

• sctp: Stream Control Transmission Protocol (SCTP) Protocol logging facility

• sef_ecs: Severely Errored Frames (SEF) APIs printing facility

• sess-gr: SM GR facility

• sessctrl: Session Controller logging facility

• sessmgr: Session Manager logging facility

• sesstrc: session trace logging facility

• sft: Switch Fabric Task logging facility

• sgs: SGs interface protocol logging facility

• sgsn-app: SGSN-APP logging various SGSN "glue" interfaces (for example, between PMM, MAP, GPRS-FSM, SMS).

• sgsn-failures: SGSN call failures (attach/activate rejects) logging facility (2.5G)

• sgsn-gtpc: SGSN GTP-C Protocol logging control messages between the SGSN and the GGSN

• sgsn-gtpu: SGSN GTP-U Protocol logging user data messages between the SGSN and GGSN

• sgsn-mbms-bearer: SGSN Multimedia Broadcast/Multicast Service (MBMS) Bearer app (SMGR) logging facility

• sgsn-misc: Used by stack manager to log binding and removing between layers

• sgsn-system: SGSN System Components logging facility (used infrequently)

• sgsn-test: SGSN Tests logging facility; used infrequently

• sgtpcmgr: SGSN GTP-C Manager logging information exchange through SGTPC and the GGSN

• sgw: Serving Gateway facility

• sh-diameter: Sh Diameter messages facility

• sitmain: System Initialization Task main logging facility

• slmgr: Smart Licensing manager logging facility

• sls: Service Level Specification (SLS) protocol logging facility

• sm-app: SM Protocol logging facility

• sms: Short Message Service (SMS) logging messages between the MS and the SMSC

• sndcp: Sub Network Dependent Convergence Protocol (SNDCP) logging facility

• snmp: SNMP logging facility

• sprmgr: IPCF Subscriber Policy Register (SPR) manager logging facility

• srdb: Static Rating Database

• srp: Service Redundancy Protocol (SRP) logging facility

• sscfnni: Service-Specific Coordination Function for Signaling at the Network Node Interface (SSCF-NNI) logging facility

• sscop: Service-Specific Connection-Oriented Protocol (SSCOP) logging facility

• ssh-ipsec: Secure Shell (SSH) IP Security logging facility

• ssl: Secure Socket Layer (SSL) message logging facility

• stat: Statistics logging facility

• supserv: Supplementary Services logging facility [H.323]

• system: System logging facility

• tacacsplus: TACACS+ Protocol logging facility

• tcap: TCAP Protocol logging facility

• testctrl: Test Controller logging facility

• testmgr: Test Manager logging facility

• threshold: threshold logging facility

• ttg: Tunnel Termination Gateway (TTG) logging facility

• tucl: TCP/UDP Convergence Layer (TUCL) logging facility

• udr: User Data Record (UDR) facility (used with the Charging Service)

• user-data: User data logging facility

• user-l3tunnel: User Layer 3 tunnel logging facility

• usertcp-stack: User TCP Stack

• vim: Voice Instant Messaging (VIM) logging facility

• vinfo: VINFO logging facility

• vmgctrl: Virtual Media Gateway (VMG) controller facility

• vmgctrl: VMG Content Manager facility

• vpn: Virtual Private Network logging facility

• vpp: Vector Packet Processing (VPP) logging facility

• wimax-data: WiMAX DATA

• wimax-r6: WiMAX R6

• wsg: Wireless Security Gateway (ASR 9000 Security Gateway)

• x2gw-app: X2GW (X2 proxy Gateway, eNodeB) application logging facility

• x2gw-demux: X2GW demux task logging facility

Trace logging is useful for quickly resolving issues for specific sessions that are currently active. They are temporary filters that are generated based on a qualifier that is independent of the global event log filter configured using the logging filter command in the Exec mode. Like event logs, however, the information generated by the logs is stored in the active memory buffer.

All debug level events associated with the selected call are stored.

Important

Trace logs impact session processing. They should be implemented for debug purposes only.

Use the following example to configure trace logs in the Exec mode:

logging trace { callid call_id | ipaddr ip_address | msid ms_id | username username } 

Once all of the necessary information has been gathered, the trace log can be deleted by entering the following command:

no logging trace { callid call_id | ipaddr ip_address | msid ms_id | username username } 

Monitor logging records all activity associated with all of a particular subscriber's sessions. This functionality is available in compliance with law enforcement agency requirements for monitoring capabilities of particular subscribers.

Monitors can be performed based on a subscriber's MSID or username, and are only intended to be used for finite periods of time as dictated by the law enforcement agency. Therefore, they should be terminated immediately after the required monitoring period.

This section provides instructions for enabling and disabling monitor logs.

Logging configuration and statistics can be verified by entering the following command from the Exec mode:

show logging [ active | verbose ] 

When no keyword is specified, the global filter configuration is displayed as well as information about any other type of logging that is enabled.

The following table provides information and descriptions of the statistics that are displayed when the verbose keyword is used.

In the unlikely even of a software crash, the system stores information that could be useful in determining the reason for the crash. This information can be maintained in system memory or it can be transferred and stored on a network server.

The system supports the generation of the following two types of logs:

Event logging (evlogd) is a shared medium that captures event messages sent by StarOS facilities. When one or more facilities continuously and overwhelmingly keep sending a high volume of event messages, the remaining non-offender facilities are impacted. This scenario degrades system performance, especially as the number of facilities generating logs increases.

Rate-control of event message logging is handled in the Log Source path. Essentially, every second a counter is set to zero and is incremented for each log event that is sent to evlogd. If the count reaches a threshold before the second is up, the event is sent, queued, or dropped (if the evlogd messenger queue is full).

When any facility exceeds the upper threshold set with this command for the rate of message logging and remains in the same state for prolonged interval, StarOS notifies the user through an SNMP trap or alarm.

A new threshold command allows you to specify the percentage of facility event queue full. When this threshold is exceeded, an SNMP trap and alarm are generated that specifies the offending facility.

The formats for the SNMP traps that are associated with this command are as follows:

• ThreshLSLogsVolume

  <timestamp> Internal trap notification <trap_id> (ThreshLSLogsVolume) threshold <upper_percent>%  
  measured value <actual_percent>% for facility <facility_name> instance <instance_id> 

• ThreshClearLSLogsVolume

  <timestamp> Internal trap notification <trap_id> (ThreshClearLSLogsVolume) threshold <upper_percent>%  
  measured value <actual_percent>% for facility <facility_name> instance <instance_id> 

If a trigger condition occurs within the polling interval, the alert or alarm is not generated until the end of the polling interval.

Both traps can be enabled or suppressed through the Global Configuration mode snmp trap command.

Checkpointing identifies logged data as previously viewed or marked. Checkpointing allows you to only display log information since the last checkpoint.

Individual logs may have up to 50,000 events in the active log. Checkpointing the logs results in at most 50,000 events being in the inactive log files. This gives a maximum of 100,000 events in total which are available for each facility logged.

Checkpoint log data through the EXEC mode logs checkpoint command to set the log contents to a well-known point prior to special activities taking place. This command may also be a part of periodic regular maintenance to manage log data.

Checkpointing logs moves the current log data to the inactive logs. Only the most recently check pointed data is retained in the inactive logs. A subsequent check pointing of the logs results in the prior check pointed inactive log data being cleared and replaced with the newly check pointed data. Checkpointed log data is not available for viewing.

Important

Checkpointing logs should be done periodically to prevent the log files becoming full. Logs which have 50,000 events logged discard the oldest events first as new events are logged.

Important

An Inspector-level administrative user cannot execute this command.

Log files can be saved to a file in a local or remote location specified by a URL. Use the following EXEC mode command to save log files:

save logs { url } [ active ] ] [ inactive ] [ callid call_id ] [event-verbosity evt_verboseness ] [ facility facility ] [level severity_level ] [ pdu-data pdu_format ] [ pdu-verbosity pdu_verboseness ] [ since from_date_time [ until to_date_time ] ] [ | { grep grep_options | more } ]  

OPTIONS:

• url: Specifies the location to store the log file(s). url may refer to a local or a remote file and must be entered in the following format.

• active : Saves data from active logs.

• inactive : Saves data from inactive logs.

• callid call_id : Specifies a call ID for which log information is to be saved as a 4-byte hexadecimal number.

• event-verbosity evt_verboseness : Specifies the level of verboseness to use in the displaying of event data as one of:

  • min : Logs minimal information about the event. Information includes event name, facility, event ID, severity level, date, and time.

  • concise : Logs detailed information about the event, but does not provide the event source within the system.

  • full : Logs detailed information about event, including source information, identifying where within the system the event was generated.

• facility facility : Specifies the facility to modify the filtering of logged information.

• level severity_level : Specifies the level of information to be logged in the following list which is ordered from highest to lowest:

  • critical : Logs critical events

  • error : Logs error events and all events with a higher severity level

  • warning : Logs warning events and all events with a higher severity level

  • unusual : Logs unusual events and all events with a higher severity level

  • info : Logs info events and all events with a higher severity level

  • trace : Logs trace events and all events with a higher severity level

  • debug : Logs all events

• pdu-data pdu_format : Specifies output format for the display of packet data units as one of:

  • none - raw format (unformatted).

  • hex - hexadecimal format.

  • hex-ascii - hexadecimal and ASCII similar to a main-frame dump.

• pdu-verbosity pdu_verboseness : Specifies the level of verboseness to use in the displaying of packet data units as a value from 1 to 5, where 5 is the most detailed.

• since from_date_time : Saves only the log information which has been collected more recently than from_date_time

• until to_date_time : Saves no log information more recent than to_date_time . Defaults to current time when omitted.

• from_date_time and to_date_time must be formatted as YYYY:MM:DD:HH:mm or YYYY:MM:DD:HH:mm:ss. Where:

  • YYYY = 4-digit year

  • MM = 2-digit month in the range 01 through 12

  • DD = 2-digit day in the range 01 through 31

  • HH = 2-digit hour in the range 00 through 23

  • mm = 2-digit minute in the range 00 through 59

  • ss = 2 digit second in the range 00 through 59

  to_date_time must be a time which is more recent than from_date_time .

  Using the until keyword allows for a time range of log information; using only the since keyword will display all information up to the current time.

• grep grep_options | more : Pipes (sends) the output of this command to the specified command. You must specify a command to which the output of this command is sent.