Login
- Table of Contents
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 07-Flow log commands | 67.18 KB |
Flow log commands
display userlog export
Use display userlog export to display flow log configuration and statistics.
Syntax
display userlog export
Views
Any view
Predefined user roles
network-admin
network-operator
Examples
# Display flow log configuration and statistics.
<Sysname> display userlog export
Flow:
Export flow log as UDP Packet.
Version: 3.0
Source ipv4 address: 2.2.2.2
Source ipv6 address:
Log load balance function: Disabled
Local time stamp: Disabled
Number of log hosts: 2
Log host 1:
Host/Port: 1.2.3.6/2000
Total logs/UDP packets exported: 112/87
Log host 2:
VPN instance:abc
Host/Port:1.1.1.1/2000
Total logs/UDP packets exported: 6553665536/409597846
Table 1 Command output
|
Field |
Description |
|
Flow |
Flow log configuration and statistics. |
|
Export flow log as UDP Packet |
Flow log entries were sent to log hosts in UDP. |
|
Version |
Flow log feature version. |
|
Source ipv4/ipv6 address |
Source IP address of the flow log packets. |
|
Log load balance function |
Load balancing status for flow log packets: · Enabled—Flow log packets are distributed among available log hosts. · Disabled—Every flow log packet is copied and sent to all available log hosts. |
|
Local time stamp |
Whether the use of the local time in the flow log timestamp is enabled or disabled. |
|
Number of log hosts |
Total number of log hosts. |
|
Log host |
Information about the log host. |
|
VPN instance |
VPN instance to which the log host belongs. |
|
Host/port |
IP address and port number of the log host. |
|
Total logs |
Total number of flow log entries successfully exported and those failed to be exported to the log hosts. |
|
UDP packets exported |
Total number of UDP packets successfully sent and those failed to be sent to the log hosts. The UDP packets are used to export flow log entries. A UDP packet can contain multiple flow log entries. |
userlog flow export
reset userlog flow export
Use reset userlog flow export to clear flow log statistics.
Syntax
reset userlog flow export
Views
User view
Predefined user roles
network-admin
Examples
# Clear flow log statistics.
<Sysname> reset userlog flow export
Related commands
userlog flow export
userlog flow export host
Use userlog flow export host to specify a log host to receive flow log entries.
Use undo userlog flow export host to remove a log host.
Syntax
userlog flow export [ vpn-instance vpn-instance-name ] host { hostname | ipv4-address | ipv6 ipv6-address } port udp-port
undo userlog flow export [ vpn-instance vpn-instance-name ] host { hostname | ipv4-address | ipv6 ipv6-address }
Default
No log hosts are specified.
Views
System view
Predefined user roles
network-admin
Parameters
vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. If the log host is on the public network, do not specify this option.
hostname: Specifies a log host by its name, a case-insensitive string of 1 to 253 characters. The host name can contain letters, digits, and special characters including hyphen (-), underscore (_), and dot (.).
ipv4-address: Specifies a log host by its IPv4 address. The address must be a valid unicast address and cannot be a loopback address.
ipv6 ipv6-address: Specifies a log host by its IPv6 address.
port udp-port: Specifies the UDP port number of the log host, in the range of 1 to 65535. As a best practice, use UDP port numbers in the range 1025 to 65535 to avoid collision with well-known UDP port numbers.
Examples
# Export flow log entries to UDP port 2000 on the log host at 1.2.3.6.
[Sysname] userlog flow export host 1.2.3.6 port 2000
Related commands
display userlog export
userlog flow export load-balancing
Use userlog flow export load-balancing to enable load balancing for flow log entries.
Use undo userlog flow export load-balancing to restore the default.
Syntax
userlog flow export load-balancing
undo userlog flow export load-balancing
Default
Load balancing is disabled. The device sends a copy of each flow log entry to all available log hosts.
Views
System view
Predefined user roles
network-admin
Usage guidelines
In load balancing mode, flow log entries are distributed among log hosts based on the source IP addresses (before NAT) that are recorded in the entries. The flow log entries generated for the same source IP address are sent to the same log host. If a log host goes down, the flow logs sent to it will be lost.
Examples
# Enable load balancing for flow logging.
<Sysname> system-view
[Sysname] userlog flow export load-balancing
Related commands
userlog flow export host
userlog flow export source-ip
Use userlog flow export source-ip to specify a source IP address for flow log packets.
Use undo userlog flow export source-ip to restore the default.
Syntax
userlog flow export source-ip { ipv4-address | ipv6 ipv6-address }
undo userlog flow export source-ip [ ipv6 ]
Default
The source IP address of flow log packets is the IP address of their outgoing interface.
Views
System view
Predefined user roles
network-admin
Parameters
ipv4-address: Specifies an IPv4 address.
ipv6 ipv6-address: Specifies an IPv6 address.
Examples
# Specify 1.2.1.2 as the source IP address for flow log packets.
<Sysname> system-view
[Sysname] userlog flow export source-ip 1.2.1.2
Related commands
userlog flow export host
userlog flow export timestamp localtime
Use userlog flow export timestamp localtime to configure the device to use the local time in the timestamp of flow logs.
Use undo userlog flow export timestamp localtime to restore the default.
Syntax
userlog flow export timestamp localtime
undo userlog flow export timestamp localtime
Default
The device uses the UTC time in the timestamp of flow logs.
Views
System view
Predefined user roles
network-admin
Usage guidelines
The device uses either the local time or the UTC time in the timestamp of flow logs.
· UTC time—Standard https://en.wikipedia.org/wiki/Greenwich_Mean_Time (GMT).
· Local time—Standard GMT plus or minus the time zone offset.
The time zone offset can be configured by using the clock timezone command. For more information, see basic device management commands in System Management Command Reference.
Examples
# Configure the device to use the local time in the timestamp of flow logs.
<Sysname> system-view
[Sysname] userlog flow export timestamp localtime
userlog flow export version
Use userlog flow export version to set the flow log version.
Use undo userlog flow export version to restore the default.
Syntax
userlog flow export version version-number
undo userlog flow export version
Default
The flow log version is 1.0.
Views
System view
Predefined user roles
network-admin
Parameters
version-number: Specifies a flow log version. Available options are 1 and 3, which represent version 1.0 and version 3.0.
Usage guidelines
If you execute this command multiple times, the most recent configuration takes effect.
Examples
# Set the flow log version to 3.0.
<Sysname> system-view
[Sysname] userlog flow export version 3
Related commands
userlog flow export host
userlog flow syslog
Use userlog flow syslog to specify the information center as the destination for flow log export.
Use undo userlog flow syslog to restore the default.
Syntax
userlog flow syslog
undo userlog flow syslog
Default
Flow log entries are not exported.
Views
System view
Predefined user roles
network-admin
Usage guidelines
You can export flow log entries to log hosts or the information center, but not both. If both methods are configured, the system exports flow log entries to the information center.
Flow log entries are converted to the syslog format when they are exported to the information center. Their severity level is informational. With the information center, you can specify multiple log output destinations, including the console, log host, and log file.
Log entries in ASCII format are human readable. However, the log data volume is higher in ASCII format than in binary format.
Examples
# Specify the information center as the destination for flow log export.
<Sysname> system-view
[Sysname] userlog flow syslog
Related commands
userlog flow export host
