Configure Logging Using GigaVUE-OS CLI
Refer to the following section for details about how to configure logging using GigaVUE-OS CLI:
- Set Up User Login Attempts
- Specify Which Events Are Logged
- Configure Log File Rotation
- Configure an External Syslog Server
- Configure Event Notification
- Configure Email Notification
- Display Log Files
- Upload Log Files for Troubleshooting
Set Up User Login Attempts
The Set User Login Attempt Lockouts feature allows you to configure the number of attempts a user can login with incorrect passwords and the time for the lockout. Run the following CLI commands:
|
CLI Command |
Description |
|---|---|
|
aaa authentication attempts lockout max-fail [*] |
Enter a value between 0 and 4294967295 for the maximum number of failed login attempts. |
|
aaa authentication attempts lockout lock-time [ *] |
Enter the time in seconds for the lockout . The default is 360 seconds. |
Specify Which Events Are Logged
Use the logging command to specify the minimum severity for events and CLI commands to be stored in the local and remote syslogs. Run the following commands:
|
CLI Command |
Description |
|---|---|
|
(config) # logging local <severity level> |
Specifies the minimum severity for all the processes in a node to be logged to the local syslog. |
|
(config) # logging trap <severity level> |
Specifies the minimum severity for an event to be logged to the external syslog. |
|
(config) # logging 1.1.1.1 trap <severity level> |
Specifies the minimum severity for an event to be logged to a specified external syslog. |
|
(config) # logging level cli commands <severity level> |
Specifies the minimum severity for a CLI command to be logged to the local and remote syslogs. |
Configure Log File Rotation
Logged events are recorded in the active log file on the GigaVUE HC Series and GigaVUE TA Series nodes. Use the logging files rotation command to set up criteria for log file rotation—moving the active log file to persistent storage and opening a new empty active log file. Use the force argument to force the log files to rotate immediately.
Configure an External Syslog Server
Use the logging command to configure an external syslog server. You can also configure GigaVUE-FM as a syslog server. For log messages to reach GigaVUE-FM, each node must be configured with the IP address of GigaVUE-FM as an external syslog server. Run the following commands:
|
CLI Command |
Description |
|---|---|
|
(config) # logging 192.168.1.25 |
Adds an IPv4 address as a destination for syslog output. |
|
(config) # ipv6 enable (config) # logging 2001:db8:a0b:12f0::82 |
Adds an IPv6 address as a destination for syslog output. Note: IPv6 must be enabled before you can configure an IPv6 syslog server. |
|
(config) # logging syslog.ipv6 |
Specifies a previously defined hostname for an external syslog server. To configure a hostname, refer to the "ip" and "ipv6" sections in the GigaVUE-OS CLI Reference Guide. |
|
(config) # logging syslog.ipv6 tcp 1468 |
Specifies a TCP port that will be used to send the system logs to the syslog server. By default, syslog uses UDP with port 514 to send the logs to the server. |
Use the show logging command to check the logging settings that you configured on the device.
When working with clustered nodes, set up logging individually for each clustered node. Events sent to external syslog servers are sent over the Mgmt port of the node logging the event and not over the cluster’s leader/VIP address.
Run the following CLI command to delete an external syslog server:
(config) # no logging 192.168.1.25
To disable local logging, use the logging local none or no logging local commands.
Configure Event Notification
For events to reach GigaVUE-FM, each node must be configured with the IP address of GigaVUE-FM as a notification receiver target. Use the following CLI command syntax to configure the notification receiver target and then enable notifications:
(config) # notifications target ip <IPv4 address> port <port ID> <secure | non-secure> username <username> password <password>
(config) # notifications enable
Note: Event notification can be configured from the CLI, but generated events cannot be displayed on the CLI. Use GigaVUE-FM or the REST API to display events.
Configure Email Notification
GigaVUE HC Series and GigaVUE-OS and GigaVUE‑FM-TA Series nodes provide powerful email notification capabilities, automatically sending emails to specified addresses when any of a wide variety of events take place. Gigamon strongly recommends that you configure this feature so that you have immediate visibility of events taking place on the system. Refer to "email" section in the GigaVUE-OS CLI Reference Guide.
Display Log Files
Use the show log command to display log files—the list of saved files and their content. Run the following CLI commands:
|
CLI Command |
Description |
|---|---|
|
(config) # show log |
Displays event logs. |
|
(config) # show log continuous |
Shows log file entries continuously as they are made. You can also use regular expression to match a keyword or pattern. |
|
(config) # show log files |
Displays a list of log files. |
|
(config) # show log files 1 |
Shows a specified log file’s contents. |
|
(config) # show log matching <reg exp> |
Displays event log messages that match a given regular expression. |
|
(config) # show log not matching <reg exp> |
Displays event log messages that do not match a given regular expression. |
Regular Expressions for show log Files
Use the show log command with the matching argument to filter output based on the entries of interest. The following table provides examples of regular expressions for use with the show log command:
|
CLI Command |
Description |
|---|---|
|
(config) # show log matching “Executing command” |
Shows all CLI commands made by users in the current syslog file. |
|
(config) # show log files <log file number> matching “Executing command” |
Shows all CLI commands made by users in the specified syslog file. |
|
(config) # show log matching crash (config) # show log matching “Core file” |
Show syslog messages that has the word, "crash" in them. |
Upload Log Files for Troubleshooting
You can upload log files to an external host to help in troubleshooting. Gigamon Technical Support personnel may ask you to do this to assist in solving problems. You can upload log files using the logging files upload command. Use show log files to see the list of files available for upload. Alternatively, you can use the current argument to upload the messages in the active log file.
Use FTP, TFTP, or SCP to upload the file. The format for the upload URL is as follows:
[protocol]://username[:password]@hostname/path/filename
For example, the following command uploads the current log file to the FTP server at 192.168.1.25:
(config) # logging files upload current ftp://jhendrix:if6was9@192.168.1.25
Uploaded log files are stored in gzip format with a filename in the following format:
messages.<n>.gz.
MORE INFORMATION 
