Login
- Table of Contents
-
- 17-Network Management and Monitoring Command Reference
- 00-Preface
- 01-System maintenance and debugging commands
- 02-NQA commands
- 03-NTP commands
- 04-EAA commands
- 05-Process monitoring and maintenance commands
- 06-NETCONF commands
- 07-Information center commands
- 08-SNMP commands
- 09-NetStream commands
- 10-RMON commands
- 11-Flow log commands
- 12-Event MIB commands
- 13-Packet capture commands
- 14-Fast log output commands
- 15-Mirroring commands
- 16-GOLD commands
- 17-BFD commands
- 18-Track commands
- 19-Interface collaboration commands
- 20-Process placement commands
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 14-Fast log output commands | 91.02 KB |
Contents
Fast log output commands
customlog character-encoding utf-8
Use customlog character-encoding utf-8 to configure fast log output to use the UTF-8 encoding.
Use undo customlog character-encoding to restore the default.
Syntax
customlog character-encoding utf-8
undo customlog character-encoding
Default
Fast log output uses the GB18030 encoding.
Views
System view
Predefined user roles
network-admin
context-admin
Usage guidelines
For the log host to correctly display Chinese characters in received log messages, make sure the fast log output module uses the same character set encoding as the log host. Fast log output supports using GB18030 and UTF-8 encodings.
Examples
# Configure fast log output to use the UTF-8 encoding.
<Sysname> system-view
[Sysname] customlog character-encoding utf-8
customlog format
Use customlog format to enable fast log output.
Use undo customlog format to restore the default.
Syntax
customlog format { aft | aft-cmcc | aft-unicom | attack-defense | dns | dpi [ anti-virus | audit | ip-reputation | ips [ sgcc ] | netshare | url-filter [ unicom ] | waf ] | keepalive sgcc | lb | nat { cmcc | telecom | unicom } | packet-filter [ sgcc ] | scd | security-policy sgcc | session }
undo customlog format { aft | aft-cmcc | aft-unicom | attack-defense | dns | dpi [ audit | ip-reputation | ips | netshare | url-filter [ unicom ] | waf ] * | keepalive | nat | packet-filter | scd | security-policy | session } *
Default
Fast log output is disabled.
Views
System view
Predefined user roles
network-admin
context-admin
Parameters
aft: Enables fast log output for the AFT module.
aft-cmcc: Enables fast log output for the AFT module in CMCC format.
aft-telecom: Enables fast log output for the AFT module in TELECOM format.
aft-unicom: Enables fast log output for the AFT module in UNICOM format.
dns: Enables fast log output for the DNS module.
attack-defense: Enables fast log output for the attack defense module.
dpi: Enables fast log output for a DPI-related module. If you do not specify a DIP module keyword, this command enables fast log output for all the DPI-related modules.
The following compatibility matrix shows the support of hardware platforms for the dpi keyword:
|
Hardware platform |
Module type |
Parameter compatibility |
|
M9006 M9010 M9014 |
Blade IV firewall module |
Yes |
|
Blade V firewall module |
Yes |
|
|
NAT module |
Yes |
|
|
Application delivery engine (ADE) module |
Yes |
|
|
Anomaly flow cleaner (AFC) module |
No |
|
|
M9010-GM |
Encryption module |
Yes |
|
M9016-V |
Blade V firewall module |
Yes |
|
M9008-S M9012-S |
Blade IV firewall module |
Yes |
|
Application delivery engine (ADE) module |
Yes |
|
|
Intrusion prevention service (IPS) module |
Yes |
|
|
Video network gateway module |
Yes |
|
|
Anomaly flow cleaner (AFC) module |
No |
|
|
M9008-S-6GW |
IPv6 module |
Yes |
|
M9008-S-V |
Blade IV firewall module |
Yes |
|
M9000-AI-E8 |
Blade V firewall module |
Yes |
|
Application delivery engine (ADE) module |
Yes |
|
|
M9000-AI-E16 |
Blade V firewall module |
Yes |
anti-virus: Specifies the anti-virus module.
audit: Specifies the application audit and management module.
ip-reputation: Specifies the IP reputation module.
ips: Specifies the intrusion protection system module.
sgcc: Specifies the SGCC format for IPS logs. If you do not specify this keyword, the standard format is used for fast output of the IPS logs.
netshare: Specifies the netshare control module.
url-filter: Specifies the URL filtering module.
unicom: Specifies the UNICOM format for fast output URL filtering logs. If you do not specify this keyword, the standard format is used to output the logs.
waf: Specifies the Web application firewall module.
keepalive: Enables fast log output of keepalive logs. After this keyword is specified, the device sends keepalive logs to the log host periodically. If the log host cannot receive the keepalive logs in a specific period of time, the log host determines that the device is down.
lb: Enables fast log output for the load balancing module.
The following compatibility matrix shows the support of hardware platforms for the lb keyword:
|
Hardware platform |
Module type |
Parameter compatibility |
|
M9006 M9010 M9014 |
Blade IV firewall module |
Yes |
|
Blade V firewall module |
Yes |
|
|
NAT module |
Yes |
|
|
Application delivery engine (ADE) module |
Yes |
|
|
Anomaly flow cleaner (AFC) module |
No |
|
|
M9010-GM |
Encryption module |
Yes |
|
M9016-V |
Blade V firewall module |
Yes |
|
M9008-S M9012-S |
Blade IV firewall module |
Yes |
|
Application delivery engine (ADE) module |
Yes |
|
|
Intrusion prevention service (IPS) module |
Yes |
|
|
Video network gateway module |
Yes |
|
|
Anomaly flow cleaner (AFC) module |
No |
|
|
M9008-S-6GW |
IPv6 module |
Yes |
|
M9008-S-V |
Blade IV firewall module |
Yes |
|
M9000-AI-E8 |
Blade V firewall module |
Yes |
|
Application delivery engine (ADE) module |
Yes |
|
|
M9000-AI-E16 |
Blade V firewall module |
Yes |
nat: Enables fast log output in a specific format for the NAT module.
· cmcc: Specifies the CMCC format.
· telecom: Specifies the TELECOM format.
· unicom: Specifies the UNICOM format.
The following compatibility matrix shows the support of hardware platforms for the nat option:
|
Hardware platform |
Module type |
Parameter compatibility |
|
M9006 M9010 M9014 |
Blade IV firewall module |
Yes |
|
Blade V firewall module |
Yes |
|
|
NAT module |
Yes |
|
|
Application delivery engine (ADE) module |
Yes |
|
|
Anomaly flow cleaner (AFC) module |
No |
|
|
M9010-GM |
Encryption module |
Yes |
|
M9016-V |
Blade V firewall module |
Yes |
|
M9008-S M9012-S |
Blade IV firewall module |
Yes |
|
Application delivery engine (ADE) module |
Yes |
|
|
Intrusion prevention service (IPS) module |
Yes |
|
|
Video network gateway module |
Yes |
|
|
Anomaly flow cleaner (AFC) module |
No |
|
|
M9008-S-6GW |
IPv6 module |
Yes |
|
M9008-S-V |
Blade IV firewall module |
Yes |
|
M9000-AI-E8 |
Blade V firewall module |
Yes |
|
Application delivery engine (ADE) module |
Yes |
|
|
M9000-AI-E16 |
Blade V firewall module |
Yes |
packet-filter: Enables fast output of packet matching logs for the packet filter, object policy, and security policy module.
scd: Enables fast log output for the service connection detection module.
security-policy: Enables fast log output of security policy configuration logs for the security policy module.
session: Enables fast log output for the session management module.
sgcc: Specifies the SGCC format for the specified type of logs. If you do not specify this keyword, the standard format is used for fast output of the logs.
Usage guidelines
The fast log output feature enables fast output of logs to log hosts.
Typically, logs generated by a service module are first sent to the information center, which then outputs the logs to the specified destination (such as to log hosts). When fast log output is configured, logs of service modules are sent directly to log hosts instead of to the information center. Compared to outputting logs to the information center, fast log output saves system resources.
Fast log output, flow log, and information center are exclusive from one another. When the customlog format command is configured, the specified service module uses only the fast log output method. For more information about flow log, see "Configuring flow log." For more information about the information center, see "Configuring the information center."
To output logs of the NAT module to a log host, you must specify the log format required by the log host in the customlog format and customlog host commands. Logs of other modules can be output only in one format. You do not need to specify the format for these logs.
Examples
# Enable fast log output for the session management module.
[Sysname] customlog format session
customlog host
Use customlog host to configure fast log output parameters.
Use undo customlog host to remove the fast log output configuration.
Syntax
customlog host [ vpn-instance vpn-instance-name ] { hostname | ipv4-address | ipv6 ipv6-address } [ port port-number ] export { aft | attack-defense | cmcc-sessionlog | cmcc-userlog | dns | dpi [ anti-virus | audit | ip-reputation | ips | netshare | url-filter | waf ] * | keepalive | lb | packet-filter | scd | security-policy | session | telecom-sessionlog | telecom-userlog | unicom-sessionlog | unicom-userlog } *
undo customlog host [ vpn-instance vpn-instance-name ] { hostname | ipv4-address | ipv6 ipv6-address } [ port port-number ]
Fast log output parameters are not configured.
Views
System view
Predefined user roles
network-admin
context-admin
Parameters
vpn-instance vpn-instance-name: Specifies the MPLS L3VPN instance to which the log host belongs. The vpn-instance-name argument is a case-sensitive string of 1 to 31 characters. If the log host is on the public network, do not specify this option.
hostname: Specifies a log host by its name, a case-insensitive string of 1 to 253 characters. The host name can contain letters, digits, hyphens (-), underscores (_), and dots (.).
ipv4-address: Specifies a log host by its IPv4 address.
ipv6 ipv6-address: Specifies a log host by its IPv6 address.
port port-number: Specifies the port number of the log host. The value range is 1 to 65535, and the default is 514. The setting must be the same as the port number configured on the log host. Otherwise, the log host cannot receive logs.
export: Specifies a source module for fast log output.
aft: Outputs logs of the AFT module to the log host.
attack-defense: Outputs logs of the attack defense module to the log host.
cmcc-sessionlog: Outputs NAT session logs in CMCC format to the log host.
cmcc-userlog: Outputs NAT444 user logs in CMCC format to the log host.
dns: Outputs logs of the DNS module to the log host.
dpi: Outputs logs of a DPI-related module to the log host. If you specify the dpi keyword without a DPI module keyword, this command outputs logs of all the DPI-related modules to the log host.
The following compatibility matrix shows the support of hardware platforms for the dpi keyword:
|
Hardware platform |
Module type |
Parameter compatibility |
|
M9006 M9010 M9014 |
Blade IV firewall module |
Yes |
|
Blade V firewall module |
Yes |
|
|
NAT module |
Yes |
|
|
Application delivery engine (ADE) module |
Yes |
|
|
Anomaly flow cleaner (AFC) module |
No |
|
|
M9010-GM |
Encryption module |
Yes |
|
M9016-V |
Blade V firewall module |
Yes |
|
M9008-S M9012-S |
Blade IV firewall module |
Yes |
|
Application delivery engine (ADE) module |
Yes |
|
|
Intrusion prevention service (IPS) module |
Yes |
|
|
Video network gateway module |
Yes |
|
|
Anomaly flow cleaner (AFC) module |
No |
|
|
M9008-S-6GW |
IPv6 module |
Yes |
|
M9008-S-V |
Blade IV firewall module |
Yes |
|
M9000-AI-E8 |
Blade V firewall module |
Yes |
|
Application delivery engine (ADE) module |
Yes |
|
|
M9000-AI-E16 |
Blade V firewall module |
Yes |
anti-virus: Specifies the anti-virus module.
audit: Specifies the application audit and management module.
ip-reputation: Specifies the IP reputation module.
ips: Specifies the intrusion protection system module.
netshare: Specifies the netshare control module.
url-filter: Specifies the URL filtering module.
waf: Specifies the Web application firewall module.
keepalive: Outputs keepalive logs to the log host.
lb: Outputs logs of the load balancing module to the log host.
The following compatibility matrix shows the support of hardware platforms for the lb keyword:
|
Hardware platform |
Module type |
Parameter compatibility |
|
M9006 M9010 M9014 |
Blade IV firewall module |
Yes |
|
Blade V firewall module |
Yes |
|
|
NAT module |
Yes |
|
|
Application delivery engine (ADE) module |
Yes |
|
|
Anomaly flow cleaner (AFC) module |
No |
|
|
M9010-GM |
Encryption module |
Yes |
|
M9016-V |
Blade V firewall module |
Yes |
|
M9008-S M9012-S |
Blade IV firewall module |
Yes |
|
Application delivery engine (ADE) module |
Yes |
|
|
Intrusion prevention service (IPS) module |
Yes |
|
|
Video network gateway module |
Yes |
|
|
Anomaly flow cleaner (AFC) module |
No |
|
|
M9008-S-6GW |
IPv6 module |
Yes |
|
M9008-S-V |
Blade IV firewall module |
Yes |
|
M9000-AI-E8 |
Blade V firewall module |
Yes |
|
Application delivery engine (ADE) module |
Yes |
|
|
M9000-AI-E16 |
Blade V firewall module |
Yes |
packet-filter: Outputs packtet matching logs of the packet filter, object policy, and security policy modules to the log host.
scd: Outputs logs of the server connection detection module to the log host.
security-policy: Outputs security policy configuration logs of the security policy module to the log host.
session: Outputs logs of the session management module to the log host.
telecom-sessionlog: Outputs NAT session logs in TELECOM format to the log host.
The following compatibility matrix shows the support of hardware platforms for the telecom-sessionlog keyword:
|
Hardware platform |
Module type |
Parameter compatibility |
|
M9006 M9010 M9014 |
Blade IV firewall module |
Yes |
|
Blade V firewall module |
Yes |
|
|
NAT module |
Yes |
|
|
Application delivery engine (ADE) module |
Yes |
|
|
Anomaly flow cleaner (AFC) module |
No |
|
|
M9010-GM |
Encryption module |
Yes |
|
M9016-V |
Blade V firewall module |
Yes |
|
M9008-S M9012-S |
Blade IV firewall module |
Yes |
|
Application delivery engine (ADE) module |
Yes |
|
|
Intrusion prevention service (IPS) module |
Yes |
|
|
Video network gateway module |
Yes |
|
|
Anomaly flow cleaner (AFC) module |
No |
|
|
M9008-S-6GW |
IPv6 module |
Yes |
|
M9008-S-V |
Blade IV firewall module |
Yes |
|
M9000-AI-E8 |
Blade V firewall module |
Yes |
|
Application delivery engine (ADE) module |
Yes |
|
|
M9000-AI-E16 |
Blade V firewall module |
Yes |
telecom-userlog: Outputs NAT444 user logs in TELECOM format to the log host.
The following compatibility matrix shows the support of hardware platforms for the telecom-userlog keyword:
|
Hardware platform |
Module type |
Parameter compatibility |
|
M9006 M9010 M9014 |
Blade IV firewall module |
Yes |
|
Blade V firewall module |
Yes |
|
|
NAT module |
Yes |
|
|
Application delivery engine (ADE) module |
Yes |
|
|
Anomaly flow cleaner (AFC) module |
No |
|
|
M9010-GM |
Encryption module |
Yes |
|
M9016-V |
Blade V firewall module |
Yes |
|
M9008-S M9012-S |
Blade IV firewall module |
Yes |
|
Application delivery engine (ADE) module |
Yes |
|
|
Intrusion prevention service (IPS) module |
Yes |
|
|
Video network gateway module |
Yes |
|
|
Anomaly flow cleaner (AFC) module |
No |
|
|
M9008-S-6GW |
IPv6 module |
Yes |
|
M9008-S-V |
Blade IV firewall module |
Yes |
|
M9000-AI-E8 |
Blade V firewall module |
Yes |
|
Application delivery engine (ADE) module |
Yes |
|
|
M9000-AI-E16 |
Blade V firewall module |
Yes |
unicom-sessionlog: Outputs NAT session logs in UNICOM format to the log host.
The following compatibility matrix shows the support of hardware platforms for the unicom-sessionlog keyword:
|
Hardware platform |
Module type |
Parameter compatibility |
|
M9006 M9010 M9014 |
Blade IV firewall module |
Yes |
|
Blade V firewall module |
Yes |
|
|
NAT module |
Yes |
|
|
Application delivery engine (ADE) module |
Yes |
|
|
Anomaly flow cleaner (AFC) module |
No |
|
|
M9010-GM |
Encryption module |
Yes |
|
M9016-V |
Blade V firewall module |
Yes |
|
M9008-S M9012-S |
Blade IV firewall module |
Yes |
|
Application delivery engine (ADE) module |
Yes |
|
|
Intrusion prevention service (IPS) module |
Yes |
|
|
Video network gateway module |
Yes |
|
|
Anomaly flow cleaner (AFC) module |
No |
|
|
M9008-S-6GW |
IPv6 module |
Yes |
|
M9008-S-V |
Blade IV firewall module |
Yes |
|
M9000-AI-E8 |
Blade V firewall module |
Yes |
|
Application delivery engine (ADE) module |
Yes |
|
|
M9000-AI-E16 |
Blade V firewall module |
Yes |
unicom-userlog: Outputs NAT444 user logs in UNICOM format to the log host.
The following compatibility matrix shows the support of hardware platforms for the unicom-userlog keyword:
|
Hardware platform |
Module type |
Parameter compatibility |
|
M9006 M9010 M9014 |
Blade IV firewall module |
Yes |
|
Blade V firewall module |
Yes |
|
|
NAT module |
Yes |
|
|
Application delivery engine (ADE) module |
Yes |
|
|
Anomaly flow cleaner (AFC) module |
No |
|
|
M9010-GM |
Encryption module |
Yes |
|
M9016-V |
Blade V firewall module |
Yes |
|
M9008-S M9012-S |
Blade IV firewall module |
Yes |
|
Application delivery engine (ADE) module |
Yes |
|
|
Intrusion prevention service (IPS) module |
Yes |
|
|
Video network gateway module |
Yes |
|
|
Anomaly flow cleaner (AFC) module |
No |
|
|
M9008-S-6GW |
IPv6 module |
Yes |
|
M9008-S-V |
Blade IV firewall module |
Yes |
|
M9000-AI-E8 |
Blade V firewall module |
Yes |
|
Application delivery engine (ADE) module |
Yes |
|
|
M9000-AI-E16 |
Blade V firewall module |
Yes |
Usage guidelines
The customlog host command takes effect only after the customlog format command is configured.
To output NAT logs to a log host, you must specify the log format required by the log host in the customlog format and customlog host commands.
Examples
# Output logs of the session management module to the log host at 1.1.1.1.
[Sysname] customlog host 1.1.1.1 port 1000 export session
customlog host source
Use customlog host source to specify a source IP address for fast log output.
Use undo customlog host source to restore the default.
Syntax
customlog host source interface-type interface-number
Default
The source IP address of fast output logs is the primary IP address of the outgoing interface.
Views
System view
Predefined user roles
network-admin
context-admin
Parameters
interface-type interface-number: Specifies a source interface by its type and number. The interface's primary IP address will be used as the source IP address of fast output logs.
Usage guidelines
Configure this command when you need to filter logs according to their source IP addresses on the log host.
The customlog host source command takes effect only after the customlog format and customlog host commands are configured.
Examples
# Use the IP address of Loopback 0 as the source IP address of fast output logs.
[Sysname] interface loopback 0
[Sysname-LoopBack0] ip address 2.2.2.2 32
[Sysname-LoopBack0] quit
[Sysname] customlog host source loopback 0
customlog timestamp
Use customlog timestamp localtime to configure the timestamp of fast output logs to show the system time.
Use undo customlog timestamp localtime to restore the default.
Syntax
undo customlog timestamp localtime
Default
The timestamp of fast output logs shows the Greenwich Mean Time (GMT).
Views
System view
Predefined user roles
network-admin
context-admin
Examples
# Configure the timestamp of fast output logs to show the system time.
[Sysname] customlog timestamp localtime
