logging

Required Command-Line Mode = Configure

Use the logging command to configure how the GigaVUE H Series node stores syslog informationhow much is stored, how the log files are handled, and so on.

Note:  This section lists and describes the arguments for the logging command.

The logging command has the following syntax:

logging <hostname, IPv4 or IPv6 address> [tcp <0-65535> [ssh username <username>]] |
      [trap <severity level>]
   files
      delete <current | oldest [number of log files]>
      rotation force | max-num <number of files>
      upload <current | <file number>> <upload URL>
   level
      audit mgmt <severity level>
      cli commands <severity level>
   local <severity level>
   trap <severity level>

The following table describes the arguments for the logging command:

Argument

Description

<hostname, IPv4 or IPv6 address>

Specifies the IP address for logging. Logged events are always written to the local log file. In addition, you can optionally specify an external syslog server as a destination for the GigaVUE H Series node’s logging output. When an external syslog server is specified, the GigaVUE H Series node will send logged events through UDP to the specified destination.

Use the logging command to specify an external syslog server. For example, the following command adds an IPv4 destination for syslog output:

(config) # logging 192.168.1.25

Starting in software version 4.7, IPv6 addresses as well as hostnames are supported.

For example, the following command adds an IPv6 destination for syslog output:

(config) # logging 2001:db8:a0b:12f0::85

For example, the following command specifies a previously defined hostname:

(config) # logging syslog.ipv6

Refer to the following commands to configure a hostname for IPv4 or IPv6: ip or ipv6.

By default, event logs will be sent to the syslog server using UDP.

[tcp <0-65535> [ssh username <username>]]

Specifies the TCP protocol. Syslog audit data will be sent to this server using TCP. A TCP port number must be specified, from 1 to 65535. The TCP port number is the port on which the syslog server listens. (Refer to your syslog server administrator for the port number.)

A TCP port number of zero (0) specifies UDP.

Note:  TCP port numbers from 0 to 1024 are reserved for system use.

For example, the following commands specify TCP ports, for IPv4 address, IPv6 address, and hostname:

(config) # logging 192.168.1.25 tcp 51300

(config) # logging 2001:db8:a0b:12f0::85 tcp 1234

(config) # logging syslog.ipv6 tcp 1468

Optionally specifies a secured TCP connection, which sends syslog audit data encrypted through SSH. The values are as follows:

ssh—Specifies that syslog audit data will be sent to this server using secured TCP.
username—Specifies a valid username for the secured TCP connection. This is the user account used for SSH authentication.

Refer to ssh connect under ssh to configure a valid username.

For example:

(config) # logging 192.168.1.25 tcp 51300 ssh username sysloguser

[trap <severity level>]

Specifies an optional trap argument for the minimum severity for events and CLI commands sent to the specified remote destination. The value you specify here overrides the global setting configured using logging trap <severity level>. For example, the following command specifies a minimum severity level of critical for events sent to IPv4 address, 192.168.1.25:

(config) # logging 192.168.1.25 trap crit

For example, the following commands specify a minimum severity level of information for events sent to an IPv6 hostname or IPv6 address:

(config) # logging syslog.ipv6 trap info

(config) # logging 2001:db8:a0b:12f0::85 trap info

files   delete <current | all | oldest [number]>   rotation force   upload <current | <file number>> <upload       URL>

Deletes log files, configures the rotation of log files, and uploads log files to an external host as follows:

delete—Deletes a log file. You can delete either the current log file or a specified number of the oldest log files using the oldest argument. For example, the following command deletes the three oldest log files:

(config) # logging files delete oldest 3

rotation force—Forces the rotation of log files immediately. For example:

(config) # logging files rotation force

max-num – Specifies the maximum number of log files to keep in persistent storage. The GigaVUE-OS CLI appliance check this against the number of stored log files at every rotation and removes enough of the oldest files to meet the limit.

For example, the following command sets a maximum of five log files saved to persistent storage:

(config) # logging files rotation max-num 5

upload—Uploads log files to an external host. Use show log files to see the list of files available for upload. Alternatively, you can use the current argument to upload the messages in the active log file or the all argument to upload all files.

Use FTP, TFTP, or SCP to upload the file. The format for the upload URL is as follows:

[protocol]://username[:password]@hostname/path/filename

For example, the following command uploads the current log file to the FTP server at 192.168.1.25:

(config) # logging files upload current ftp://jhendrix:if6was9@192.168.1.25

Uploaded log files are stored in gzip format with a filename in the following format:

messages.<n>.gz.

Use the masked argument to mask the IPv4, IPv6, and MAC addresses contained in the log files.

For example:

(config) # logging files upload all scp masked

level    audit mgmt <severity level>   cli commands <severity level>

Specifies the minimum severity for a CLI command to be logged to the local and remote syslogs. Also specifies the minimum severity of audit log messages. The available severity levels are listed in Severity Levels for Logging Commands.

For example:

(config) # logging level cli commands info

(config) # logging level audit mgmt notice

local <severity level>

Specifies the minimum severity for an event to be logged to the local syslog. The available severity levels are listed in Severity Levels for Logging Commands.

For example:

(config) # logging local crit

trap <severity level>

Specifies the minimum severity for an event to be logged to the external syslog. The available severity levels are listed in Severity Levels for Logging Commands.

For example:

(config) # logging trap alert

Related Commands

The following table summarizes other commands related to the logging command:

Task

Command

Displays logging configuration.

# show logging

Does not send event logs to this server (removes the logging server configuration).

(config) # no logging 10.10.10.10

or

2001:db8:a0b:12f0::85

Disables logging using TCP, which reverts back to UDP. If there is an SSH connection configured under TCP, it will be unconfigured.

(config) # no logging 10.10.10.10 tcp

or

(config) # logging 10.10.10.10 tcp 0

Disables logging using a secured SSH connection.

(config) # no logging 10.10.10.10 ssh

Disables local logging.

(config) # no logging local

Does not send event log messages to syslog servers.

(config) # no logging trap