Logging
4.3.c i Local logging, syslog, debugs, conditional debugs
Local logging, syslog
General information on “Local logging, syslog”:
- Logging, syslog is enabled by default
- Messages are stored in the RAM by default
- The severity can be defined (each level includes all severities above (numerically lower))
- Because of this, there’s a maximum buffer size (4096 bytes by default), which can be increased/decreased
- If the buffer size gets exceeded, the oldest messages will be removed
- Syslogs can also be stored on a remote server or file in the flash memory
- When connected by console, logging messages are displayed automatically
- If connected by Telnet/SSH, displaying of logging messages must be enabled first
Logging severity levels:
- Severity-0: Emergencies
- Severity-1: Alerts
- Severity-2: Critical
- Severity-3: Errors
- Severity-4: Warnings
- Severity-5: Notifications
- Severity-6: Informational
- Severity-7: Debugging
Mnemonic:
Every Alley Cat Eats Warm Noodles In Doors
Log message format:
seq no:timestamp: %facility-severity-MNEMONIC:description
“Local logging, syslog” CLI configuration commands:
## Disabling/Enabling logging for console/VTY lines globally
Router(config)# [no] logging console
Router(config)# [no] logging monitor
## Defining the logging severity for console/VTY lines
Router(config)# logging console <severity>
Router(config)# logging monitor <severity>
## Defining the logging buffer size
Router(config)# logging buffered <size>
## Defining a syslog server (both commands do the same)
Router(config)# logging <syslog-srv-ip>
Router(config)# logging host <syslog-srv-ip>
## Setting logging to write messages to a file in the flash memory
Router(config)# logging file flash:<filename>
## Enabling logging on the VTY line (needs to be done after every login)
Router# terminal monitor
“Local logging, syslog” CLI show commands:
## Showing all log messages
Router# show logging
Debugs, conditional debugs
General information on “Debugs, conditional debugs”:
- Debugging is used to find out what’s exactly happening within the system
- Debugging can be enabled for all kinds of information or only specific features
- Enabling debugging for all kinds of information can cause the system to slow down heavily and make it unreachable
- Debugging features can also be filtered to get only specific information (eg. debugs of a specific interface)
- When connected by console, debug messages are displayed automatically
- If connected by Telnet/SSH, displaying debug messages must be enabled first
“Debugs, conditional debugs” CLI configuration commands:
## Enabling debugging for specific features and conditions
Router# debug [all | specific feature]
Router# debug condition [condition]
## Disabling debugging for specific features and conditions
Router# undebug [all | specific feature]
Router# undebug condition [condition]
“Debugs, conditional debugs” CLI show commands:
## Showing enabled debug parameters and conditions
Router# show debug
Router# show debug condition
4.3.c ii Timestamps
General information on “Logging Timestamps”:
- Timestamps are important to record when something has occurred
- By default, logs don’t have a timestamp and therefor it cannot be determined when something has happened
- There are two ways a timestamp can be configured:
- Timestamp with time since uptime
- Timestamp with actual date/time
- Additionally sequence numbers can be configured (disabled by default)
- This is especially useful when several messages occur at the same time to see the exact sequence in which the messages occurred
“Logging Timestamps” CLI show commands:
## Enabling the timestamp service globally (with time since uptime)
Router(config)# service timestamps [log | debug] uptime
## Enabling the timestamp service globally (with actual date/time)
Router(config)# service timestamps [log | debug] datetime [msec | year | localtime | show-timezone]
## Enabling the sequence numbers service globally
Router(config)# service sequence-numbers