Login
- Table of Contents
-
- 12-Network Management and Monitoring Command Reference
- 00-Preface
- 01-System Maintenance and Debugging Commands
- 02-NQA Commands
- 03-NTP Commands
- 04-Clock Monitoring Commands
- 05-IPC Commands
- 06-SNMP Commands
- 07-RMON Commands
- 08-Sampler Commands
- 09-Mirroring Commands
- 10-NetStream Commands
- 11-IPv6 NetStream Commands
- 12-Protocol Packet Statistics Commands
- 13-Information Center Commands
- 14-Flow Logging Commands
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 14-Flow Logging Commands | 86.03 KB |
display userlog export
Syntax
display userlog export slot slot-number [ | { begin | exclude | include } regular-expression ]
View
Any view
Default level
1: Monitor level
Parameters
slot slot-number: Displays flow logs of the specified card. The slot-number argument refers to the card slot number.
|: Filters command output by specifying a regular expression. For more information about regular expressions, see Fundamentals Configuration Guide.
begin: Displays the first line that matches the specified regular expression and all lines that follow.
exclude: Displays all lines that do not match the specified regular expression.
include: Displays all lines that match the specified regular expression.
regular-expression: Specifies a regular expression, a case-sensitive string of 1 to 256 characters.
Description
Use the display userlog export command to view the configuration and statistics about flow logs exported to the log server.
Before using this command, configure the IP address and UDP port number of the log server with the userlog flow export host command. Otherwise, the system may prompt you "No userlog export is enabled".
Related commands: reset userlog flow export.
Examples
# View the configuration and statistics about flow logs.
<Sysname> display userlog export slot 2
nat
?? No userlog export is enabled
# View the configuration and statistics about flow logs of the card in slot 5.
<Sysname> display userlog export slot 5
flow:
?? Export Version 1 logs to log server : enabled
?? Source address of exported logs?? : 1.1.1.1
?? Address of log server???????????? : 2.2.3.3 (port: 2000)
?? VPN-instance????????? ????????????????: abc
?? Total logs/UDP packets exported?? : 0/0
?? Address of log server???????????? : 2.2.4.3 (port: 2000)
?? Total logs/UDP packets exported?? : 0/0
????? Logs in buffer??????????????????? : 0?
Table 1 Output description
|
Field |
Description |
|
|
nat |
Configuration and statistics about NAT logs. |
|
|
No userlog export is enabled |
Flow logs are not sent to the log server at present. It may be because exporting flow logs to the log server is not configured, or flow logs are sent to the information center. |
|
|
flow |
Configuration and statistics about flow logs. |
|
|
No userlog export is enabled |
Flow logs are not sent to the log server at present. It may be because exporting flow logs to the log server is not configured, or flow logs are sent to the information center. |
|
|
Export Version 1 logs to log server |
Export flow logging packets of version 1.0 to the log server. |
?????? |
|
Source address of exported logs |
Source IP address of the flow logging packets (this field will not be displayed if the source IP address is not configured) |
|
|
Address of log server |
Address of the log server, including IP address and port number |
|
|
VPN-instance |
VPN instance name of the VPN to which the flow logging server belongs. (VPN instance name can be specified only when the log server is specified by an IPv4 address.) |
|
|
Total logs/UDP packets exported |
Total number of flow logs exported and total number of the UDP packets carrying these flow logs (a UDP packet may carry multiple flow logs) |
|
|
Logs in buffer |
Total number of flow logs in the cache |
reset userlog flow export
Syntax
reset userlog flow export slot slot-number
View
User view
Default level
2: System level
Parameters
slot slot-number: Clears statistics of flow logs of the specified card. The slot-number argument refers to the card slot number.
Description
Use the reset userlog flow export command to clear statistics about flow logs.
When flow logging is enabled on the router, the system periodically collects statistics about flow logs.
Related commands: display userlog export.
Examples
# Clear statistics about flow logs of the card in slot 2.
<Sysname> reset userlog flow export slot 2
reset userlog flow logbuffer
Syntax
reset userlog flow logbuffer slot slot-number
View
User view
Default level
2: System level
Parameters
slot slot-number: Clears flow logs in the card cache of the specified card. The slot-number argument refers to the card slot number.
Description
Use the reset userlog flow logbuffer command to clear flow logs in the cache.
Flow logs are saved in the cache before being exported to the information center or log server.
|
|
CAUTION: Clearing flow logs in the cache causes the loss of log information, so you are recommended not to clear the cache unless you are sure you want to clear it. |
Examples
# Clear flow logs in the card cache in slot 2.
<Sysname> reset userlog flow logbuffer slot 2
userlog flow export host
Syntax
userlog flow export slot slot-number [ vpn-instance vpn-instance-name ] host ipv4-address udp-port
undo userlog flow export slot slot-number [ vpn-instance vpn-instance-name ] host ipv4-address
View
System view
Default level
2: System level
Parameters
vpn-instance vpn-instance-name: Specifies the MPLS L3VPN to which the flow logging server belongs, where vpn-instance-name is a case-sensitive string of 1 to 31 characters. If the flow logging server is on the public network, do not specify this option.
ipv4-address: IPv4 address of flow logging server. It is a valid unicast IPv4 address but not a loopback address.
udp-port: UDP port number of flow logging server, which ranges from 0 to 65535.
slot slot-number: Specifies number of the slot in which the card generating flow logs resides. The slot-number argument refers to the card slot number.
Description
Use the userlog flow export host command to configure the IPv4 address and UDP port number of the log server.
Use the undo userlog flow export host command to remove the configuration.
By default, the IPv4 address and UDP port number of the log server are not configured.
If you configure to output the flow logs through UDP packets, the flow logging server must be configured, otherwise flow logs cannot be exported.
To avoid collision with general UDP port numbers, UDP port numbers that range from 1025 to 65535 are recommended.
The specified VPN instance should be created, otherwise packets delivery fails.
You can configure a flow logging server for each board separately, and this helps to share the load of the log server. You can specify at most two log servers (with different IP addresses) to receive flow logs for each interface board. If you have already specified two servers for an interface board and want to assign a new flow log server, you need to delete an existing one; if the new server to be specified for the interface card and an existing one have the same IP address but different other information, the new server will overwrite the first one.
Related commands: userlog flow export host ipv6.
Examples
# Export flow logs of the card in slot 2 to the log server, and the VPN instance name is vpn3. The IP address of flow logging server 1 is 1.2.3.6, and the port number is 2000; the IP address of flow logging server 2 is 1.2.3.7, and the port number is 2001.
<Sysname> system-view
[Sysname] userlog flow export slot 2 vpn-instance vpn3 host 1.2.3.6 2000
[Sysname] userlog flow export slot 2 vpn-instance vpn3 host 1.2.3.7 2001
userlog flow export host ipv6
Syntax
userlog flow export slot slot-number [ vpn-instance vpn-instance-name ] host ipv6 ipv6-address udp-port
undo userlog flow export slot slot-number [ vpn-instance vpn-instance-name ] host ipv6 ipv6-address
View
System view
Default level
2: System level
Parameters
vpn-instance vpn-instance-name: Specifies the MPLS L3VPN to which the flow logging server belongs, where vpn-instance-name is a case-sensitive string of 1 to 31 characters. If the flow logging server is on the public network, do not specify this option.
ipv6-address: IPv6 address of flow logging server.
udp-port: UDP port number of flow logging server, which ranges from 0 to 65535.
slot slot-number: Specifies number of the slot in which the card generating flow logs resides. The slot-number argument refers to the card slot number.
Description
Use the userlog flow export host command to configure the IPv6 address and UDP port number of the log server.
Use the undo userlog flow export host command to remove the configuration.
By default, the IPv6 address and UDP port number of the log server are not configured.
If you configure to output the flow logs through UDP packets, the flow logging server must be configured, otherwise flow logs cannot be exported.
To avoid collision with general UDP port numbers, UDP port numbers that range from 1025 to 65535 are recommended.
The specified VPN instance should be created, otherwise packets delivery fails.
You must configure a flow logging server for each interface board separately, and this helps to share the load of the log server. You can select at most two log servers from three types of log servers (which are flow logging server in a VPN, IPv4 flow logging server, and IPv6 flow logging server) to receive flow logs for each router. If you specify two log servers for a router, the servers can be of the same type or of different types. If you have already specified two servers for an interface board, you need to delete an existing one to specify a new one. If in a new configuration, the IP address is the same with that of the currently effective configuration, but other information of the two configurations is different, then the new configuration will overwrite the previous one.
Related commands: userlog flow export host.
Examples
# Export flow logs of the card in slot 2 to the log server. The IP address of flow logging server 1 is 1::1, and the port number is 2000; the IPv6 address of flow logging server 2 is 1::2, and the port number is 2001.
<Sysname> system-view
[Sysname] userlog flow export slot 2 host ipv6 1::1 2000
[Sysname] userlog flow export slot 2 host ipv6 1::2 2001
userlog flow export source-ip
Syntax
userlog flow export source-ip ip-address
undo userlog flow export source-ip
View
System view
Default level
2: System level
Parameters
ip-address: Source IP address of a flow logging packet.
Description
Use the userlog flow export source-ip command to configure the source IP address of flow logging packets.
Use the undo userlog flow export source-ip command to restore the default.
By default, the source IP address of flow logging packets is the IP address of the egress interface of the packets.
Related commands: userlog flow export host.
Examples
# Configure the source IP address of flow logging packets as 1.2.1.2.
<Sysname> system-view
[Sysname] userlog flow export source-ip 1.2.1.2
userlog flow export version
Syntax
userlog flow export version version-number
undo userlog flow export version
View
System view
Default level
2: System level
Parameters
version-number: Flow logging version number. The value is either 1 or 3.
Description
Use the userlog flow export version command to configure the flow logging version.
Use the undo userlog flow export version command to restore the default.
By default, flow logging version is 1.0.
If you configure the flow logging version multiple times, the latest configuration will take effect. Although a router supports both of the two versions, only one can be active at one time.
Examples
# Set the flow logging version to 3.0.
<Sysname> system-view
[Sysname] userlog flow export version 3
userlog flow syslog
Syntax
userlog flow syslog
undo userlog flow syslog
View
System view
Default level
2: System level
Parameters
None
Description
Use the userlog flow syslog command to export flow logs to the information center.
Use the undo userlog flow syslog command to restore the default.
By default, flow logs are exported to the log server.
The two export approaches of flow logs are mutually exclusive. If you configure two approaches simultaneously, the system will export the flow logs to the information center automatically.
Exporting flow logs to the information center takes up storage space of the router, so adopt this export approach when there are a small amount of logs.
Examples
# Export flow logs to the information center.
<Sysname> system-view
[Sysname] userlog flow syslog
