Login
- Table of Contents
-
- 15-Network Management and Monitoring Configuration Guide
- 00-Preface
- 01-System maintenance and debugging configuration
- 02-NQA configuration
- 03-iNQA configuration
- 04-NTP configuration
- 05-PoE configuration
- 06-SNMP configuration
- 07-RMON configuration
- 08-Event MIB configuration
- 09-NETCONF configuration
- 10-SmartMC configuration
- 11-CWMP configuration
- 12-EAA configuration
- 13-Process monitoring and maintenance configuration
- 14-Sampler configuration
- 15-Mirroring configuration
- 16-NetStream configuration
- 17-IPv6 NetStream configuration
- 18-sFlow configuration
- 19-Performance management configuration
- 20-Flow log configuration
- 21-Information center configuration
- 22-Packet capture configuration
- 23-Cloud connection configuration
- 24-GOLD configuration
- 25-eMDI configuration
- 26-SQA configuration
- 27-Fast log output configuration
- 28-iFIT configuration
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 27-Fast log output configuration | 81.78 KB |
Contents
Restrictions: Hardware compatibility with fast log output
Restrictions and guidelines: fast log output configuration
Configuring fast output of logs to log hosts
Configuring fast log output to use the UTF-8 encoding
Fast log output configuration examples
Example: Configuring fast log output to a log host
Configuring fast log output
About fast log output
The fast log output feature enables fast output of logs to log hosts.
Typically, logs generated by a service module are first sent to the information center, which then outputs the logs to the specified destination (such as to log hosts). When fast log output is configured, logs of service modules are sent directly to log hosts instead of to the information center. Compared to outputting logs to the information center, fast log output saves system resources. For more information about the information center, see "Configuring the information center."
Logs are classified into eight severity levels from 0 through 7 in descending order.
|
Severity value |
Level |
Description |
|
0 |
Emergency |
The system is unusable. For example, the system authorization has expired. |
|
1 |
Alert |
Action must be taken immediately. For example, traffic on an interface exceeds the upper limit. |
|
2 |
Critical |
Critical condition. For example, the device temperature exceeds the upper limit, the power module fails, or the fan tray fails. |
|
3 |
Error |
Error condition. For example, the link state changes. |
|
4 |
Warning |
Warning condition. For example, an interface is disconnected, or the memory resources are used up. |
|
5 |
Notification |
Normal but significant condition. For example, a terminal logs in to the device, or the device reboots. |
|
6 |
Informational |
Informational message. For example, a command or a ping operation is executed. |
|
7 |
Debugging |
Debug message. |
Log header formats
The log header formats of fast output logs are as follows:
Table 2 Log header formats
|
Log header types |
Format |
|
Standard format |
Example: |
|
Customized format |
URL filtering UNICOM format: Example: NAT CMCC format: Example: NAT UNICOM format: <PRI> Vision HostName Timestamp AppName ProcID MsgID Example: NAT TELECOM format: <PRI> Vision Timestamp HostName AppName ProcID MsgID Example: |
Log field description
Table 3 Log field description
|
Field |
Description |
|
PRI |
Log type code. · Standard format and NAT UNICOM format: 134. · URL filtering UNICOM format, NAT CMCC format, and NAT TELECOM format: 142. |
|
Timestamp |
Records the time when the log was generated. The timestamp is in the format of YYYY Mon DD hh:mm:ss. |
|
AppName |
Name of the device that generated the log. |
|
%%10 |
Vendor of the device that generated the log. |
|
SN |
Serial number of the device that generated the log. To view the device serial number, see the DEVICE_SERIAL_NUMBE field in the output of the display device manuinfo command. This field is available only when the device is configured to carry the serial number in fast output logs by using the customlog with-sn command. |
|
VsysId |
Virtual system that generated the log. |
|
HostName |
Source IPv4 address of the device that generated the log. |
|
MsgID |
Log type. |
|
Len |
Total length of the log header, in bytes. |
|
ProcID |
Hyphen (-). |
Restrictions: Hardware compatibility with fast log output
|
Hardware |
Fast log output compatibility |
|
MSR610 |
Yes |
|
MSR810, MSR810-W, MSR810-W-DB, MSR810-LM, MSR810-W-LM, MSR810-10-PoE, MSR810-LM-HK, MSR810-W-LM-HK, MSR810-LM-CNDE-SJK, MSR810-CNDE-SJK, MSR810-EI, MSR810-LM-EA, MSR810-LM-EI |
Yes |
|
MSR810-LMS, MSR810-LUS |
No |
|
MSR810-SI, MSR810-LM-SI |
No |
|
MSR810-LMS-EA, MSR810-LME |
Yes |
|
MSR1004S-5G, MSR1004S-5G-CN |
Yes |
|
MSR1104S-W, MSR1104S-W-CAT6, MSR1104S-5G-CN, MSR1104S-W-5G-CN |
Yes |
|
MSR2600-6-X1, MSR2600-15-X1, MSR2600-15-X1-T |
Yes |
|
MSR2600-10-X1 |
Yes |
|
MSR 2630 |
Yes |
|
MSR3600-28, MSR3600-51 |
Yes |
|
MSR3600-28-SI, MSR3600-51-SI |
No |
|
MSR3600-28-X1, MSR3600-28-X1-DP, MSR3600-51-X1, MSR3600-51-X1-DP |
Yes |
|
MSR3600-28-G-DP, MSR3600-51-G-DP |
Yes |
|
MSR3610-I-DP, MSR3610-IE-DP, MSR3610-IE-ES, MSR3610-IE-EAD, MSR-EAD-AK770, MSR3610-I-IG, MSR3610-IE-IG |
Yes |
|
MSR3610-X1, MSR3610-X1-DP, MSR3610-X1-DC, MSR3610-X1-DP-DC, MSR3620-X1, MSR3640-X1 |
Yes |
|
MSR 3610, MSR 3620, MSR 3620-DP, MSR 3640, MSR 3660 |
Yes |
|
MSR3610-G, MSR3620-G |
Yes |
|
MSR3640-G |
Yes |
|
MSR3640-X1-HI |
Yes |
|
Hardware |
Fast log output compatibility |
|
MSR810-W-WiNet, MSR810-LM-WiNet |
Yes |
|
MSR830-4LM-WiNet |
Yes |
|
MSR830-5BEI-WiNet, MSR830-6EI-WiNet, MSR830-10BEI-WiNet |
Yes |
|
MSR830-6BHI-WiNet, MSR830-10BHI-WiNet |
Yes |
|
MSR2600-6-WiNet |
Yes |
|
MSR2600-10-X1-WiNet |
Yes |
|
MSR2630-WiNet |
Yes |
|
MSR3600-28-WiNet |
Yes |
|
MSR3610-X1-WiNet |
Yes |
|
MSR3610-WiNet, MSR3620-10-WiNet, MSR3620-DP-WiNet, MSR3620-WiNet, MSR3660-WiNet |
Yes |
|
Hardware |
Fast log output compatibility |
|
MSR860-6EI-XS |
Yes |
|
MSR860-6HI-XS |
Yes |
|
MSR2630-XS |
Yes |
|
MSR3600-28-XS |
Yes |
|
MSR3610-XS |
Yes |
|
MSR3620-XS |
Yes |
|
MSR3610-I-XS |
Yes |
|
MSR3610-IE-XS |
Yes |
|
MSR3620-X1-XS |
Yes |
|
MSR3640-XS |
Yes |
|
MSR3660-XS |
Yes |
|
Hardware |
Fast log output compatibility |
|
MSR810-LM-GL |
Yes |
|
MSR810-W-LM-GL |
Yes |
|
MSR830-6EI-GL |
Yes |
|
MSR830-10EI-GL |
Yes |
|
MSR830-6HI-GL |
Yes |
|
MSR830-10HI-GL |
Yes |
|
MSR1004S-5G-GL |
Yes |
|
MSR2600-6-X1-GL |
Yes |
|
MSR3600-28-SI-GL |
No |
Restrictions and guidelines: fast log output configuration
The device supports outputting logs from service modules to log hosts by using the following methods in descending order of priority:
1. Fast log output.
2. Flow log. For more information about flow log and the service modules supported by flow log, see "Configuring flow log."
3. Information center.
If you configure multiple log output methods for a service module, the service module outputs its logs in the method that has the highest priority.
To output NAT logs to a log host, you must specify the log format required by the log host in the customlog format and customlog host commands.
You can configure the device to carry VNI information in NAT logs only if you specify the TELECOM format. NAT logs that carry the VNI field use a new format different from the TELECOM format.
Configuring fast output of logs to log hosts
1. Enter system view.
system-view
2. Enable fast log output.
customlog format { aft | attack-defense | dns | dpi [ ips | traffic-policy | url-filter [ unicom ] ] | keepalive sgcc | nat { cmcc | telecom [ with-vni ] | unicom } | packet-filter [ sgcc ]| security-policy sgcc | session }
By default, fast log output is disabled.
3. Configure fast log output parameters.
customlog host [ vpn-instance vpn-instance-name ] { hostname | ipv4-address | ipv6 ipv6-address } [ port port-number ] export { aft | attack-defense | cmcc-sessionlog | cmcc-userlog | dns | dpi [ ips | traffic-policy | url-filter ] * | keepalive | packet-filter | security-policy | session | telecom-sessionlog | telecom-userlog | unicom-sessionlog | unicom-userlog } *
By default, no fast log output parameters are configured.
The value for the port-number argument must be the same as the port number configured on the log host. Otherwise, the log host cannot receive logs.
4. (Optional.) Specify the source IP address for fast log output.
customlog host source interface-type interface-number
By default, the source IP address of fast output logs is the primary IP address of the outgoing interface.
If this command is configured, the primary IP address of the specified interface is used as the source IP address of fast output logs regardless of the outgoing interface.
Configure this command when you need to filter logs by source IP address on the log host.
5. (Optional.) Configure the timestamp of fast output logs to show the system time.
customlog timestamp localtime
By default, the timestamp of fast output logs shows the Greenwich Mean Time (GMT).
6. (Optional.) Configure the device to carry its serial number in fast output logs.
customlog with-sn
By default, the device does not carry its serial number in fast output logs.
7. (Optional.) Specify a language for fast log output.
customlog language { chinese | english }
By default, fast logs are output in English.
Only some fields in the fast logs of certain service modules can be output in Chinese. For example, only the Application and Category fields in session logs support fast output in Chinese. For more information about the supported fields in service module logs, see the command reference.
Configuring fast log output to use the UTF-8 encoding
About this task
The fast log output module and the log host must use the same character set encoding. If they use different encodings, the log host cannot correctly display Chinese characters in the log messages received from the fast log output module. By default, fast log output uses the GB18030 encoding. You can perform this task to configure fast log output to use the UTF-8 encoding.
Procedure
1. Enter system view.
system-view
2. Configure fast log output to use UTF-8 encoding.
customlog character-encoding utf-8
By default, fast log output uses the GB18030 encoding.
Fast log output configuration examples
Example: Configuring fast log output to a log host
Network configuration
As shown in Figure 1, configure fast log output on the device to send session logs to the log host.
Procedure
1. Make sure the device and the log host can reach each other. (Details not shown.)
2. Configure the device:
# Enable fast log output for the session management module.
<Device> system-view
[Device] customlog format session
# Output logs of the session management module to the log host at 1.2.0.1/16.
[Device] customlog host 1.2.0.1 port 1000 export session
# Enable logging for session creation and deletion.
[Device] session log flow-begin
[Device] session log flow-end
# Enable IPv4 session logging in the inbound direction of GigabitEthernet 1/0/1, the interface connected to the internal network.
[Device] interface gigabitethernet 1/0/1
[Device-GigabitEthernet1/0/1] session log enable ipv4 inbound
3. Configure the host:
The log host configuration varies by log host. For more information, see related document of the log host.
Verifying the configuration
On the host, verify that logs are received from the device successfully.
