Login
- Table of Contents
-
- 20-Network Management and Monitoring Configuration Guide
- 00-Preface
- 01-System maintenance and debugging configuration
- 02-NQA configuration
- 03-SNMP configuration
- 04-RMON configuration
- 05-NETCONF configuration
- 06-EAA configuration
- 07-Process monitoring and maintenance configuration
- 08-Flow log configuration
- 09-Packet capture configuration
- 10-Mirroring configuration
- 11-Fast log output configuration
- 12-UCC configuration
- 13-SQA configuration
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 11-Fast log output configuration | 56.49 KB |
Contents
Restrictions and guidelines: fast log output configuration
Fast log output configuration examples
Example: Configuring fast log output to a log host
Configuring fast log output
About fast log output
The fast log output feature enables fast output of logs to log hosts.
Typically, logs generated by a service module are first sent to the information center, which then outputs the logs to the specified destination (such as to log hosts). When fast log output is configured, logs of service modules are sent directly to log hosts instead of to the information center. Compared to outputting logs to the information center, fast log output saves system resources. For more information about the information center, see System Management Configuration Guide.
Logs are classified into eight severity levels from 0 through 7 in descending order.
|
Severity value |
Level |
Description |
|
0 |
Emergency |
The system is unusable. For example, the system authorization has expired. |
|
1 |
Alert |
Action must be taken immediately. For example, traffic on an interface exceeds the upper limit. |
|
2 |
Critical |
Critical condition. For example, the device temperature exceeds the upper limit, the power module fails, or the fan tray fails. |
|
3 |
Error |
Error condition. For example, the link state changes. |
|
4 |
Warning |
Warning condition. For example, an interface is disconnected, or the memory resources are used up. |
|
5 |
Notification |
Normal but significant condition. For example, a terminal logs in to the device, or the device reboots. |
|
6 |
Informational |
Informational message. For example, a command or a ping operation is executed. |
|
7 |
Debugging |
Debug message. |
Restrictions and guidelines: fast log output configuration
The device supports outputting logs from service modules to log hosts by using the following methods in descending order of priority:
1. Fast log output.
2. Flow log. For more information about flow log and the service modules supported by flow log, see "Configuring flow log."
3. Information center.
If you configure multiple log output methods for a service module, the service module outputs its logs in the method that has the highest priority.
To output NAT logs to a log host, you must specify the log format required by the log host in the customlog format and customlog host commands.
Procedure
1. Enter system view.
system-view
2. Enable fast log output.
customlog format { aft | attack-defense | dpi | nat { cmcc | telecom | unicom } | packet-filter | session | wlan }
By default, fast log output is disabled.
3. Configure fast log output parameters.
customlog host { hostname | ipv4-address | ipv6 ipv6-address } [ port port-number ] export { aft | attack-defense | cmcc-sessionlog | cmcc-userlog | dpi | packet-filter | session | telecom-sessionlog | telecom-userlog | unicom-sessionlog | unicom-userlog } *
By default, no fast log output parameters are configured.
The value for the port-number argument must be the same as the port number configured on the log host. Otherwise, the log host cannot receive logs.
4. (Optional.) Specify the source IP address for fast log output.
customlog host source interface-type interface-number
By default, the source IP address of fast output logs is the primary IP address of the outgoing interface.
If this command is executed, the primary IP address of the specified interface is used as the source IP address of fast output logs regardless of the outgoing interface.
Execute this command when you need to filter logs by source IP address on the log host.
5. (Optional.) Configure the timestamp of fast output logs to show the system time.
customlog timestamp localtime
By default, the timestamp of fast output logs shows the Greenwich Mean Time (GMT).
Fast log output configuration examples
Example: Configuring fast log output to a log host
Network configuration
As shown in Figure 1, configure fast log output on the AC to send NAT444 user logs to the log host in CMCC format.
Procedure
1. Make sure the AC and the log host can reach each other. (Details not shown.)
2. Configure the AC:
# Enable fast log output in CMCC format for the NAT module.
<AC> system-view
[AC] customlog format nat cmcc
# Output NAT444 user logs in CMCC format to the log host at 1.2.0.1/16.
[AC] customlog host 1.2.0.1 port 1000 export cmcc-userlog
# Enable NAT444 user log.
[AC] nat log enable
[AC] nat log port-block-assign
[AC] nat log port-block-withdraw
3. Configure the log host:
The log host configuration varies by log host. For more information, see related document of the log host.
Verifying the configuration
On the host, verify that logs are received from the AC successfully.
