Contents

Information center commands· 1

check logfile· 1

diagnostic-logfile save· 1

display diagnostic-logfile summary· 2

display info-center 3

display info-center file-server 3

display info-center filter 5

display logbuffer 5

display logbuffer summary· 7

display logfile summary· 8

display security-logfile summary· 9

display trace-logfile summary· 9

enable log updown· 10

info-center diagnostic-logfile directory· 11

info-center diagnostic-logfile enable· 11

info-center diagnostic-logfile frequency· 12

info-center diagnostic-logfile quota· 12

info-center enable· 13

info-center file-server transport-type· 13

info-center file-server user 15

info-center filter 16

info-center loghost locate-info with-sn· 17

info-center format 17

info-center logbuffer 18

info-center logbuffer size· 19

info-center logfile alarm-threshold· 20

info-center logfile directory· 20

info-center logfile enable· 21

info-center logfile frequency· 21

info-center logfile size-quota· 22

info-center logging suppress duplicates· 23

info-center logging suppress module· 24

info-center loghost 25

info-center loghost source· 26

info-center security-logfile alarm-threshold· 27

info-center security-logfile directory· 28

info-center security-logfile enable· 29

info-center security-logfile frequency· 29

info-center security-logfile size-quota· 30

info-center source· 30

info-center synchronous· 32

info-center syslog min-age· 33

info-center syslog trap buffersize· 33

info-center timestamp· 34

info-center timestamp loghost 35

info-center trace-logfile directory· 35

info-center trace-logfile enable· 36

info-center trace-logfile frequency· 37

info-center trace-logfile quota· 37

logfile save· 38

reset logbuffer 39

security-logfile save· 39

simulate syslog· 40

snmp-agent trap enable syslog· 42

terminal debugging· 42

terminal logging level 43

terminal monitor 44

trace-logfile save· 44

 

Information center commands

check logfile

Use check logfile to perform integrity check for a log file.

Syntax

check logfile file-path

Views

User view

Predefined user roles

network-admin

Parameters

file-path: Specifies the absolute path of the log file. For successful execution of this command, the file extension must be .log or .log.gz.

Usage guidelines

When the information center saves a log message to the log file, it uses the device master key to calculate a digest for the log file and saves the digest in the log file. The digest is used to perform integrity check for the log file. For more information about the master key, see public key management in Security Configuration Guide.

When this command is executed, the information center uses the master key to recalculate a digest for the log file and then compares the digest with that saved in the log file. If the two digests are consistent, the log file passes the integrity check. If they do not match, the log file fails the integrity check.

Examples

# Perform integrity check for log file flash:/logfile/logfile.log.

<Sysname> check logfile flash:/logfile/logfile.log

The integrity check for the logfile succeeded.

Related commands

set master-key (Security Command Reference)

diagnostic-logfile save

Use diagnostic-logfile save to manually save diagnostic logs from the diagnostic log file buffer to the diagnostic log file.

Syntax

diagnostic-logfile save

Views

Any view

Predefined user roles

network-admin

Usage guidelines

You can specify the directory to save the diagnostic log file by using the info-center diagnostic-logfile directory command.

The device clears the diagnostic log file buffer after saving the buffered diagnostic logs to the diagnostic log file.

If the diagnostic log file buffer is empty, this command displays a success message even though no logs are saved to the diagnostic log file.

Examples

# Manually save diagnostic logs from the diagnostic log file buffer to the diagnostic log file.

<Sysname> diagnostic-logfile save

The contents in the diagnostic log file buffer have been saved to the file flash:/diagfile/diagfile.log.

Related commands

info-center diagnostic-logfile enable

info-center diagnostic-logfile directory

display diagnostic-logfile summary

Use display diagnostic-logfile summary to display the diagnostic log file configuration.

Syntax

display diagnostic-logfile summary

Views

Any view

Predefined user roles

network-admin

network-operator

Examples

# Display the diagnostic log file configuration.

<Sysname> display diagnostic-logfile summary

  Diagnostic log file: Enabled.

  Diagnostic log file size quota: 10 MB

  Diagnostic log file directory: flash:/diagfile

  Writing frequency: 24 hour 0 min 0 sec

Table 1 Command output

Field	Description
Diagnostic log file	Status of the diagnostic log file: ·     Enabled—Diagnostic logs can be output to the diagnostic log file. ·     Disabled—Diagnostic logs cannot be output to the diagnostic log file.
Diagnostic log file size quota	Maximum size for the diagnostic log file, in MB.
Log file directory	Directory where the diagnostic log file is saved.
Writing frequency	Interval at which the device saves diagnostic logs from the buffer to the diagnostic log file.

‌

display info-center

Use display info-center to display information center configuration.

Syntax

display info-center

Views

Any view

Predefined user roles

network-admin

network-operator

Examples

# Display information center configuration.

<Sysname> display info-center

Information Center: Enabled

Console: Enabled

Monitor: Enabled

Log host: Enabled

    1.1.1.1, log output filter: loghost1

    port number: 514, host facility: local7

Log buffer: Enabled

    Max buffer size 1024, current buffer size 512,

    Current messages 0, dropped messages 0, overwritten messages 0

Log file: Enabled

Security log file: Enabled

Information timestamp format:

    Log host: Date

    Other output destination: Date

display info-center file-server

Use display info-center file-server to display the configuration of the remote server and the backup records.

Syntax

display info-center file-server

Views

User view

Predefined user roles

network-admin

network-operator

Usage guidelines

When the local device performs a log file backup to the remote server, it records relevant information for this backup operation. The device supports saving a maximum of 10 backup records.

You can use this command to view information about backup operations, including the backup execution time and result.

Examples

# Display the configuration of the remote server and the backup records.

<Sysname> display info-center file-server

Username: test

Protocol: tcp

IP: 1.1.1.1

Port: 22

VPN: vpnname

Directory: /backup

Filename prefix: my_backup

File type: logfile, security-logfile

Backup records:

 No. TimeStamp                FileName

 1   Wed Jan 15 14:20:18 2022 my_backup_20220115142018.log

!2   Wed Jan 15 14:33:10 2022 my_backup_20220115143310.log

 3   Wed Jan 15 14:49:37 2022 my_backup_20220115144937.log

The exclamation mark (!) indicates that the backup attempt failed.

Table 2 Command output

Field	Description
Username	Username for logging in to the remote server. This field displays N/A if the username is not configured. To back up log files through FTP or SCP, you must configure the login username and password.
Protocol	Protocol used in backing up log files.
IP	IP address of the remote server.
Port	Port number of the remote server.
VPN	VPN to which the remote server belongs.
Directory	Log file storage directory on the remote server.
Filename prefix	Filename prefix used in saving log files to the remote server.
Backup records	Records of log file backups, including the following information: ·     No.—Sequence number of the backup operation. ·     TimeStamp—System time when the device started backing up log files. ·     FileName—Filename used in saving log files on the remote server. The name consists of the filename prefix (displayed in the Filename prefix field) and the timestamp (based on the value displayed in the TimeStamp field).

 

Related commands

info-center file-server transport-type

info-center file-server user

display info-center filter

Use display info-center filter to display information about log output filters.

Syntax

display info-center filter [ filtername ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

filter-name: Specifies an existing log output filter by its name. If you do not specify a log output filter, this command displays information about all log output filters.

Examples

# Display information about log output filter loghost1.

<Sysname> display info-center filter loghost1

 Log output filter: loghost1

 Module                       Rule

 ARP                          Debugging

 CFGLOG                       Deny

 Default                      Informational

Table 3 Command output

Field	Description
Log output filter:	Name of the log output filter.
Module	Module to which the log output filter applies.
Rule	Rules in the log output filter.

‌

Related commands

info-center filter

display logbuffer

Use display logbuffer to display the state of the log buffer and the log information in the log buffer.

Syntax

display logbuffer [ reverse ] [ level severity | size buffersize | slot slot-number ] *

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

reverse: Displays log entries chronologically, with the most recent entry at the top. If you do not specify this keyword, the command displays log entries chronologically, with the oldest entry at the top.

level severity: Specifies a severity level in the range of 0 to 7. If you do not specify a severity level, this command displays log information for all levels.

Table 4 Log levels

Severity value	Level	Description
0	Emergency	The system is unusable. For example, the system authorization has expired.
1	Alert	Action must be taken immediately. For example, traffic on an interface exceeds the upper limit.
2	Critical	Critical condition. For example, the device temperature exceeds the upper limit, the power module fails, or the fan tray fails.
3	Error	Error condition. For example, the link state changes.
4	Warning	Warning condition. For example, an interface is disconnected, or the memory resources are used up.
5	Notification	Normal but significant condition. For example, a terminal logs in to the device, or the device reboots.
6	Informational	Informational message. For example, a command or a ping operation is executed.
7	Debugging	Debugging message.

‌

size buffersize: Specifies the number of latest logs to be displayed. The value range is 1 to 1024. If you do not specify this option, the command displays all logs in the log buffer.

slot slot-number: Specifies a card by its slot number. If you do not specify a card, this command displays information on all cards.

Examples

# Display the state and log information of the log buffer.

<Sysname> display logbuffer

Log buffer: Enabled

Max buffer size: 1024

Actual buffer size: 512

Dropped messages: 0

Overwritten messages: 718

Current messages: 512

 

%Jun 17 15:57:09:578 2019 Sysname SYSLOG/7/SYS_RESTART:System restarted --

...

Table 5 Command output

Field	Description
Log buffer	Status of the log buffer: ·     Enabled—Logs can be output to the log buffer. ·     Disabled—Logs cannot be output to the buffer.
Max buffer size	Maximum buffer size supported by the device.
Actual buffer size	Maximum buffer size configured by using the info-center logbuffer size command.
Dropped messages	Number of dropped messages.
Overwritten messages	Number of overwritten messages.
Current messages	Number of current messages.
Failed to obtain the specified data. The following tries to display all data in the log buffer.	The device fails to obtain the data from the database because of abnormal interaction with the database. Then all data in the log buffer will be displayed.

‌

Related commands

info-center logbuffer

reset logbuffer

display logbuffer summary

Use display logbuffer summary to display the summary of the log buffer.

Syntax

display logbuffer summary [ level severity | slot slot-number ] *

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

level severity: Specifies a severity level in the range of 0 to 7. If you do not specify a severity level, this command displays log information of all levels in the log buffer. For more information about log levels, see Table 4.

slot slot-number: Specifies a card by its slot number. If you do not specify a card, this command displays information on all cards.

Examples

# Display the summary of the log buffer.

<Sysname> display logbuffer summary

  Slot EMERG ALERT  CRIT ERROR  WARN NOTIF  INFO DEBUG

     1     0     0     0     7     0    34    38     0

Table 6 Command output

Field	Description
EMERG	Represents emergency. For more information, see Table 4.
ALERT	Represents alert. For more information, see Table 4.
CRIT	Represents critical. For more information, see Table 4.
ERROR	Represents error. For more information, see Table 4.
WARN	Represents warning. For more information, see Table 4.
NOTIF	Represents notification. For more information, see Table 4.
INFO	Represents informational. For more information, see Table 4.
DEBUG	Represents debug. For more information, see Table 4.

‌

display logfile summary

Use display logfile summary to display the log file configuration.

Syntax

display logfile summary

Views

Any view

Predefined user roles

network-admin

network-operator

Examples

# Display the log file configuration.

<Sysname> display logfile summary

  Log file: Enabled.

  Log file size quota: 10 MB

  Log file directory: flash:/logfile

  Writing frequency: 0 hour 1 min 10 sec

Table 7 Command output

Field	Description
Log file	Status of the log file feature: ·     Enabled—Logs can be output to the log file. ·     Disabled—Logs cannot be output to the log file.
Log file size quota	Maximum storage space reserved for a log file, in MB.
Log file directory	Log file directory.
Writing frequency	Log file writing frequency.

‌

display security-logfile summary

Use display security-logfile summary to display the summary of the security log file.

Syntax

display security-logfile summary

Views

Any view

Predefined user roles

security-audit

Usage guidelines

To use this command, a local user must have the security-audit user role. For information about configuring the security-audit user role, see BRAS Services Command Reference.

Examples

# Display the summary of the security log file.

<Sysname> display security-logfile summary

  Security log file: Enabled

  Security log file size quota: 10 MB

  Security log file directory: flash:/seclog

  Alarm threshold: 80%

  Current usage: 30%

  Writing frequency: 1 hour 0 min 0 sec

Table 8 Command output

Field	Description
Security log file	Status of the security log file feature: ·     Enabled—Security logs can be output to the security log file. ·     Disabled—Security logs cannot be output to the security log file.
Security log file size quota	Maximum storage space reserved for the security log file.
Security log file directory	Security log file directory.
Alarm threshold	Alarm threshold of the security log file usage.
Current usage	Current usage of the security log file.
Writing frequency	Security log file writing frequency.

‌

Related commands

authorization-attribute (BRAS Services Command Reference)

display trace-logfile summary

Use display trace-logfile summary to display the trace log file configuration.

Syntax

display trace-logfile summary

Views

Any view

Predefined user roles

network-admin

network-operator

Examples

# Display the trace log file configuration.

<Sysname> display trace-logfile summary

  Trace log file: Enabled.

  Trace log file size quota: 1 MB

  Trace log file directory: flash:/tracefile

  Writing frequency: 24 hour 0 min 0 sec

Table 9 Command output

Field	Description
Trace log file	Status of the trace log file feature: ·     Enabled—Trace logs can be saved to the trace log file on the storage device. ·     Disabled—Trace logs cannot be saved to the trace log file on the storage device.
Trace log file size quota	Maximum storage space reserved for the trace log file.
Trace log file directory	Trace log file directory.
Writing frequency	Trace log file writing frequency.

‌

enable log updown

Use enable log updown to enable an interface to generate link up or link down logs when the interface state changes.

Use undo enable log updown to disable an interface from generating link up or link down logs when the interface state changes.

Syntax

enable log updown

undo enable log updown

Default

All interfaces are allowed to generate link up and link down logs.

Views

Interface view

Predefined user roles

network-admin

Examples

# Disable Ten-GigabitEthernet 3/0/1 from generating link up or link down logs.

<Sysname> system-view

[Sysname] interface ten-gigabitethernet 3/0/1

[Sysname-Ten-GigabitEthernet3/0/1] undo enable log updown

info-center diagnostic-logfile directory

Use info-center diagnostic-logfile directory to configure the directory to save the diagnostic log file.

Syntax

info-center diagnostic-logfile directory dir-name

Default

The diagnostic log file is saved in the diagfile folder under the root directory of the storage device.

Views

System view

Predefined user roles

network-admin

Parameters

dir-name: Specifies a directory by its name, a string of 1 to 64 characters.

Usage guidelines

The specified directory must have been created.

The device uses the default diagnostic log file directory after a reboot or an active/standby MPU switchover.

Examples

# Set the diagnostic log file directory to flash:/test.

<Sysname> mkdir test

Creating directory flash:/test... Done.

<Sysname> system-view

[Sysname] info-center diagnostic-logfile directory flash:/test

info-center diagnostic-logfile enable

Use info-center diagnostic-logfile enable to enable saving of diagnostic logs to the diagnostic log file.

Use undo info-center diagnostic-logfile enable to disable saving of diagnostic logs to the diagnostic log file.

Syntax

info-center diagnostic-logfile enable

undo info-center diagnostic-logfile enable

Default

Saving of diagnostic logs to the diagnostic log file is enabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

This command enables saving of diagnostic logs to the diagnostic log file for centralized management. Users can view the diagnostic logs to monitor device activities and to troubleshoot problems.

Examples

# Enable saving of diagnostic logs to the diagnostic log file.

<Sysname> system-view

[Sysname] info-center diagnostic-logfile enable

info-center diagnostic-logfile frequency

Use info-center diagnostic-logfile frequency to configure the interval at which the device saves diagnostic logs from the diagnostic log file buffer to the diagnostic log file.

Use undo info-center diagnostic-logfile frequency to restore the default.

Syntax

info-center diagnostic-logfile frequency freq-sec

undo info-center diagnostic-logfile frequency

Default

The diagnostic log file saving interval is 600 seconds.

Views

System view

Predefined user roles

network-admin

Parameters

freq-sec: Specifies the diagnostic log file saving interval in seconds. The value range is 10 to 86400.

Usage guidelines

The device outputs diagnostic logs to the diagnostic log file buffer, and then saves the buffered logs to the diagnostic log file at the specified interval.

Examples

# Set the diagnostic log file saving interval to 600 seconds.

<Sysname> system-view

[Sysname] info-center diagnostic-logfile frequency 600

Related commands

info-center diagnostic-logfile enable

info-center diagnostic-logfile quota

Use info-center diagnostic-logfile quota to set the maximum size for the diagnostic log file.

Use undo info-center diagnostic-logfile quota to restore the default.

Syntax

info-center diagnostic-logfile quota size

undo info-center diagnostic-logfile quota

Default

The maximum size for the diagnostic log file is 10 MB.

Views

System view

Predefined user roles

network-admin

Parameters

size: Specifies the maximum size for the diagnostic log file, in MB. The value range is 1 to 10.

Examples

# Set the maximum size to 2 MB for the diagnostic log file.

<Sysname> system-view

[Sysname] info-center diagnostic-logfile quota 2

info-center enable

Use info-center enable to enable the information center.

Use undo info-center enable to disable the information center.

Syntax

info-center enable

undo info-center enable

Default

The information center is enabled.

Views

System view

Predefined user roles

network-admin

Examples

# Enable the information center.

<Sysname> system-view

[Sysname] info-center enable

Information center is enabled.

info-center file-server transport-type

Use info-center file-server transport-type to back up log files to a remote server.

Use undo info-center file-server transport-type to restore the default.

Syntax

info-center file-server transport-type { ftp | scp | tftp } { ipv4-address | ipv6 ipv6-address } [ port port-number ] [ vpn-instance vpn-instance-name ] [ directory directory ] filename-prefix filename-prefix [ file-type { logfile | security-logfile } ]

undo info-center file-server transport-type

Default

The device does not back up log files to a remote server.

Views

System view

Predefined user roles

network-admin

Parameters

ftp: Uses FTP to back up log files to the remote server. The device acts as the FTP client. For more information about FTP, see FTP and TFTP configuration in Fundamentals Configuration Guide.

scp: Uses SCP to back up log files to the remote server. The SCP protocol is based on SSH2 and provides secure file copy function. The device acts as the SCP client. For more information about SCP, see SSH configuration in Security Configuration Guide.

tftp: Uses TFTP to back up log files to the remote server. The device acts as the TFTP client. For more information about TFTP, see FTP and TFTP configuration in Fundamentals Configuration Guide.

ipv4-address: Specifies a remote server by its IPv4 address. The address must be the same as that configured on the remote server.

ipv6 ipv6-address: Specifies a remote server by its IPv6 address. The address must be the same as that configured on the remote server.

port port-number: Specifies the listening port number of the remote server, in the range of 1 to 65535. The default is 21 for FTP, 22 for SCP, and 69 for TFTP. The port number must be the same as that configured on the remote server.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. If the log host is on the public network, do not specify this option.

directory directory: Specifies a log file storage directory on the remote server, a case-sensitive string of 1 to 63 characters. If you do not specify a directory, log files will be backed up to the working path of the remote server. You can use this option to specify a subdirectory under the working path of the remote server. For successful backup, make sure the subdirectory has been created on the remote server. Specify the relative path of the subdirectory for a TFTP or FTP server, and the absolute path of the subdirectory for an SCP server.

filename-prefix filename-prefix: Specifies a filename prefix used in saving log files to the remote server, a case-sensitive string of 1 to 30 characters. For example, you can use the device's IP address as the filename prefix to identify the device that generated the log files.

file-type { logfile | security-logfile }: Specifies the type of log files to back up. If you do not specify a log file type, all general log files and security log files under the corresponding directories will be backed up.

·     logfile: General log files under the directory specified by the info-center logfile directory command.

·     security-logfile: Security log files under the directory specified by the info-center security-logfile directory command.

Usage guidelines

You can use this command to back up general log files and/or security log files to a remote server through FTP, TFTP, or SCP, so as to enhance the log file security.

The device will automatically back up a log file to the remote server when a log file is full.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Use FTP to back up general log files to the remote server at 1.1.1.1, and specify the port number and filename prefix as 8000 and 2-2-2-2, respectively.

<Sysname> system-view

[Sysname] info-center file-server transport-type ftp 1.1.1.1 port 8000 filename-prefix 2-2-2-2 file-type logfile

Related commands

display info-center file-server

info-center file-server user

info-center file-server user

Use info-center file-server user to specify the username and password for logging in to the remote server to back up log files.

Syntax

info-center file-server user user-name password { cipher | simple } password

undo info-center file-server user

Default

The username and password for logging in to the remote server to back up log files are not specified.

Views

System view

Predefined user roles

network-admin

Parameters

user-name: Specifies a username for logging in to the remote server.

password { cipher | simple } password: Specifies a password for logging in to the remote server, case sensitive.

·     cipher: Specifies a password in encrypted form, a string of 33 to 117 characters.

·     simple: Specifies a password in plaintext form, a string of 1 to 63 characters. For security purposes, the password specified in plaintext form will be stored in encrypted form.

Usage guidelines

Before backing up log files to a FTP or SCP remote server, use this command to specify the username and password for logging in to the remote server. The username and password configured in this command must be the same as those configured on the remote server.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Specify the username and password for logging in to the FTP or SCP remote server as ftpuser and ftp123456, respectively.

<Sysname> system-view

[Sysname] info-center file-server user ftpuser password simple ftp123456

Related commands

display info-center file-server

info-center file-server transport-type

info-center filter

Use info-center filter to create a log output filter.

Use undo info-center filter to delete a log output filter.

Syntax

info-center filter filter-name { module-name | default } { deny | level severity }

undo info-center filter filter-name [ module-name | default ]

Default

No log output filters exist.

Views

System view

Predefined user roles

network-admin

Parameters

filter-name: Specifies a name for the log output filter, a case-insensitive string of 1 to 8 characters.

module-name: Specifies a module by its name. To view the names of supported modules, execute the info-center filter filter-name ? command.

default: Specifies the default log output filter rule. For the log host output destination, the logs of alert, critical, debugging, emergency, error, and informational levels for all modules can be output. You can customize the log output filter rules as required.

deny: Disables log output.

level severity: Specifies the lowest severity level for logs to be output. A severity level can be alert, critical, debugging, emergency, error, informational, notification, or warning. Logs at the specified severity level and higher levels are allowed to be output. For example, if you specify the warning severity in this option, the command will output logs at emergency, alert, critical, error, and warning levels. See Table 4 for more information about log severity levels.

Usage guidelines

This command allows you to configure rules to control log output to the log host. The module-name argument allows you to customize a log output filter rule for each module. If you do not customize a log output filter rule for a module, the module uses the default log output filter rule. The default log output filter rule allows logs of alert, critical, debugging, emergency, error, and informational levels to be output.

You can also use the info-center source command to configure log output filter rules. To control log output to a log host, the log output filter rule specified by the info-center filter command takes precedence over that specified by the info-center source command.

If you execute this command multiple times, the following rules apply:

·     You can configure multiple log output filter rules and bind the log output filter rules to one log hosts or multiple log hosts.

·     If the values of the filter-name and module-name arguments are the same, the most recent configuration takes effect.

·     If the default keyword is specified and the value of the filter-name argument is the same, the most recent configuration takes effect.

Do not specify the default keyword and set the severity argument to informational simultaneously. Such configuration is the same as the default log output filter rule, thus the configuration will fail.

To edit or remove a module-specific log output filter rule, you must use the module-name argument.

Examples

# Configure log output filter f1 for the ACL module, and apply the filter to the log host at 1.1.1.1.

<Sysname> system-view

[Sysname] info-center filter f1 ACL level error

[Sysname] info-center loghost 1.1.1.1 filter f1

Related commands

display info-center filter

info-center loghost

info-center source

info-center loghost locate-info with-sn

Use info-center loghost locate-info with-sn to add the device serial number to the location field of logs sent to log hosts.

Use undo info-center loghost locate-info with-sn to restore the default.

Syntax

info-center loghost locate-info with-sn

undo info-center loghost locate-info with-sn

Default

The device does not add the device serial number to the location field of logs sent to log hosts.

Views

System view

Predefined user roles

network-admin

Examples

# Add the device serial number to the location field of logs sent to log hosts.

<Sysname> system-view

[Sysname] info-center loghost locate-info with-sn

info-center format

Use info-center format to set the format for logs sent to log hosts.

Use undo info-center format to restore the default.

Syntax

info-center format { cmcc | unicom }

undo info-center format

Default

Logs are sent to log hosts in standard format.

Views

System view

Predefined user roles

network-admin

Parameters

cmcc: Specifies the China Mobile Communications Corporation (CMCC) format.

unicom: Specifies the China Unicom format.

Usage guidelines

Logs can be sent to log hosts in standard, China Unicom, or CMCC format. For more information about log formats, see Network Management and Monitoring Configuration Guide.

The format specified by the info-center format command applies to all log hosts and that specified by the info-center loghost command applies to the specified log hosts. For a log host, the format specified by the info-center loghost command takes precedence over the format specified by the info-center format command.

Examples

# Set the log format to China Unicom for logs sent to log hosts.

<Sysname> system-view

[Sysname] info-center format unicom

Related commands

info-center loghost

info-center logbuffer

Use info-center logbuffer to enable log output to the log buffer.

Use undo info-center logbuffer to disable log output to the log buffer.

Syntax

info-center logbuffer

undo info-center logbuffer

Default

Log output to the log buffer is enabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

This command enables output of logs generated by service modules to the log buffer. To view log buffer information and buffered logs, use the display logbuffer command. To set the log buffer size, use the info-center logbuffer size command.

Examples

# Enable log output to the log buffer.

<Sysname> system-view

[Sysname] info-center logbuffer

Related commands

display logbuffer

info-center enable

info-center logbuffer size

Use info-center logbuffer size to set the maximum number of logs that can be stored in the log buffer.

Use undo info-center logbuffer size to restore the default.

Syntax

info-center logbuffer size buffersize

undo info-center logbuffer size

Default

The log buffer can store a maximum of 512 logs.

Views

System view

Predefined user roles

network-admin

Parameters

buffersize: Specifies the maximum number of logs that can be stored in the log buffer.The value range is 0 to 1024.

Examples

# Set the maximum log buffer size to 50.

<Sysname> system-view

[Sysname] info-center logbuffer size 50

# Restore the default maximum log buffer size.

<Sysname> system-view

[Sysname] undo info-center logbuffer size

Related commands

display logbuffer

info-center enable

info-center logfile alarm-threshold

Use info-center logfile alarm-threshold to set the log file usage alarm threshold.

Use undo info-center logfile alarm-threshold to restore the default.

Syntax

info-center logfile alarm-threshold usage

undo info-center logfile alarm-threshold

Default

The log file usage alarm threshold is 80% of the log file size. When the log file usage ratio reaches 80%, the system outputs a message to inform the user.

Views

System view

Predefined user roles

network-admin

Parameters

usage: Specifies an alarm threshold in percentage in the range of 0 to 100. Setting the alarm threshold to 0 disables the log file usage alarm feature.

Usage guidelines

After you set the log file usage alarm threshold, the system outputs a message to inform the user when the threshold is reached. The user can then back up the log file to avoid loss of log data.

Examples

# Set the log file usage alarm threshold to 90% of the general log file size.

<Sysname> system-view

[Sysname] info-center logfile alarm-threshold 90

info-center logfile directory

Use info-center logfile directory to specify the directory to save the log file.

Syntax

info-center logfile directory dir-name

Default

The log file is saved in the logfile directory under the root directory of the storage device. If the device has been CF partitioned, the log file is saved in the logfile directory under the second partition of the CF card.

Views

System view

Predefined user roles

network-admin

Parameters

dir-name: Specifies a directory by its name, a string of 1 to 64 characters.

Usage guidelines

The specified directory must have been created.

The log file has a .log extension. When the default log file directory runs out of space, use this command to specify a new log file directory.

The device uses the default log file directory after a reboot or an active/standby MPU switchover.

Examples

# Set the log file directory to flash:/test.

<Sysname> mkdir test

Creating directory flash:/test... Done.

<Sysname> system-view

[Sysname] info-center logfile directory flash:/test

Related commands

info-center logfile enable

info-center logfile enable

Use info-center logfile enable to enable saving of logs to the log file.

Use undo info-center logfile enable to disable saving of logs to the log file.

Syntax

info-center logfile enable

undo info-center logfile enable

Default

Saving of logs to the log file is enabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

After you execute this command, the system outputs logs generated by service modules to the log file.

Examples

# Enable saving of logs to the log file.

<Sysname> system-view

[Sysname] info-center logfile enable

info-center logfile frequency

Use info-center logfile frequency to configure the interval at which the device saves logs from the log file buffer to the log file.

Use undo info-center logfile frequency to restore the default.

Syntax

info-center logfile frequency freq-sec

undo info-center logfile frequency

Default

The log file saving interval is 600 seconds.

Views

System view

Predefined user roles

network-admin

Parameters

freq-sec: Specifies the log file saving interval in seconds. The value range is 1 to 86400.

Usage guidelines

This command enables the device to automatically save logs in the log file buffer to the log file at the specified interval.

Examples

# Set the log file saving interval to 60000 seconds.

<Sysname> system-view

[Sysname] info-center logfile frequency 60000

Related commands

info-center logfile enable

info-center logfile size-quota

Use info-center logfile size-quota to set the maximum size for the log file.

Use undo info-center logfile size-quota to restore the default.

Syntax

info-center logfile size-quota size

undo info-center logfile size-quota

Default

The maximum log file size is 10 MB.

Views

System view

Predefined user roles

network-admin

Parameters

size: Specifies the maximum size for the log file, in MB.The value range is 1 to 10.

Examples

# Set the maximum size to 2 MB for the log file.

<Sysname> system-view

[Sysname] info-center logfile size-quota 2

Related commands

info-center logfile enable

info-center logging suppress duplicates

Use info-center logging suppress duplicates to enable duplicate log suppression.

Use undo info-center logging suppress duplicates to disable duplicate log suppression.

Syntax

info-center logging suppress duplicates

undo info-center logging suppress duplicates

Default

Duplicate log suppression is disabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

Output of consecutive duplicate logs (logs that have the same module name, level, mnemonic, location, and text) wastes system and network resources.

With duplicate log suppression enabled, the system starts a suppression period upon outputting a log:

·     If only duplicate logs are received during the suppression period, the information center does not output the duplicate logs. When the suppression period expires, the information center outputs a log which contains the suppressed log and the number of times the log is suppressed.

·     If a different log is received during the suppression period, the information center performs the following operations:

¡     Outputs the suppressed log and the number of times the log is suppressed.

¡     Outputs the different log and starts a suppression period for that log.

Examples

# Enable duplicate log suppression on device A.

·     Suppose the IP address of Ten-GigabitEthernet3/0/1 on device A conflicts with the IP address of another device on the network, device A will output the following log information repeatedly:

%Jan  1 07:27:48:636 2000 Sysname ARP/6/DUPIFIP:

Duplicate address 172.16.0.1 on interface Ten-GigabitEthernet3/0/1, sourced from 00e0-0058-123d

·     Enable duplicate log suppression on device A.

<Sysname> system-view

[Sysname] info-center logging suppress duplicates

·     Device A continues to output the following log information:

%Jan  1 07:27:48:636 2000 Sysname ARP/6/DUPIFIP:

Duplicate address 172.16.0.1 on interface Ten-GigabitEthernet3/0/1, sourced from 00e0-0058-123d

%Jan  1 07:28:19:639 2000 Sysname ARP/6/DUPIFIP:

Duplicate address 172.16.0.1 on interface Ten-GigabitEthernet3/0/1, sourced from 00e0-0058-123d

 This message repeated 4 times in last 30 seconds.

The output shows that after the duplicate log suppression feature is enabled, the system outputs another duplicate log and starts the first suppression period for 30 seconds.

%Jan  1 07:30:19:643 2000 Sysname ARP/6/DUPIFIP:

Duplicate address 172.16.0.1 on interface Ten-GigabitEthernet3/0/1, sourced from 00e0-0058-123d

 This message repeated 20 times in last 2 minutes.

The output shows that the second suppression period lasts for 2 minutes.

%Jan  1 07:30:20:541 2000 Sysname ARP/6/DUPIFIP:

Duplicate address 172.16.0.1 on interface Ten-GigabitEthernet3/0/1, sourced from 00e0-0058-123d

 This message repeated 1 times in last 1 second.

%Jan  1 07:30:19:542 2000 Sysname CFGMAN/5/CFGMAN_CFGCHANGED: -EventIndex=[12]-CommandSource=[2]-ConfigSource=[4]-ConfigDestination=[2]; Configuration is changed.

The output shows that a different log is generated during the suppression period.

%Jan  1 07:30:24:643 2000 Sysname ARP/6/DUPIFIP:

Duplicate address 172.16.0.1 on interface Ten-GigabitEthernet3/0/1, sourced from 00e0-0058-123d

%Jan  1 07:30:55:645 2000 Sysname ARP/6/DUPIFIP:

Duplicate address 172.16.0.1 on interface Ten-GigabitEthernet3/0/1, sourced from 00e0-0058-123d

 This message repeated 4 times in last 30 seconds.

The output shows that the system starts another suppression period.

info-center logging suppress module

Use info-center logging suppress module to configure a log suppression rule for a module.

Use undo info-center logging suppress module to delete a log suppression rule.

Syntax

info-center logging suppress module module-name mnemonic { all | mnemonic-value }

undo info-center logging suppress module module-name mnemonic { all | mnemonic-value }

Default

The device does not suppress output of any logs from any modules.

Views

System view

Predefined user roles

network-admin

Parameters

module-name: Specifies a log source module by its name, a case-insensitive string of 1 to 8 characters. To view the list of available log source modules, use the info-center logging suppress module ? command.

mnemonic: Configures a mnemonic filter for log suppression.

·     all: Suppresses output of all logs of the module.

·     mnemonic-value: Suppresses output of logs with the specified mnemonic value. The mnemonic-value argument is a case-insensitive string of 1 to 32 characters, which must be the complete value contained in the mnemonic field of the log message. Log suppression will fail if a partial mnemonic value is specified.

Usage guidelines

You can configure log suppression rules to filter out the logs that you are not concerned with. A log suppression rule suppresses output of all logs or only logs with a specific mnemonic value for a module.

Examples

# Configure a log suppression rule to suppress output of logs with the shell_login mnemonic value for the shell module.

<Sysname> system-view

[Sysname] info-center logging suppress module shell mnemonic shell_login

Related commands

info-center source

info-center loghost

Use info-center loghost to specify a log host and to configure output parameters.

Use undo info-center loghost to remove a log host.

Syntax

info-center loghost [ vpn-instance vpn-instance-name ] { hostname | ipv4-address | ipv6 ipv6-address } [ facility local-number | filter filter-name | format { cmcc | default | unicom } | port port-number | source-ip source-ip-address ] * [ tcp [ ssl-client-policy policy-name ] ]

undo info-center loghost [ vpn-instance vpn-instance-name ] { hostname | ipv4-address | ipv6 ipv6-address }

Default

No log hosts are specified.

Views

System view

Predefined user roles

network-admin

Parameters

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. If the log host is on the public network, do not specify this option.

hostname: Specifies a log host by its name, a case-insensitive string of 1 to 253 characters. The host name can contain letters, digits, and special characters including hyphen (-), underscore (_), and dot (.).

ipv4-address: Specifies a log host by its IPv4 address.

ipv6 ipv6-address: Specifies a log host by its IPv6 address.

facility local-number: Specifies a logging facility from local0 to local7 for the log host. The default value is local7. Logging facilities are used to mark different logging sources, and query and filer logs.

filter filter-name: Specifies a log output filter to control log output to the log host. The filter-name argument represents the filter name, a case-insensitive string of 1 to 8 characters. If you do not specify a log output filter, the log output rules configured by using the info-center source command for the log host destination are used.

format: Specifies a format for logs sent to the log host. If you do not specify a format, the format specified by the info-center format command is used.

·     cmcc: Specifies the China Mobile Communications Corporation (CMCC) format.

·     default: Specifies the non-customized format.

·     unicom: Specifies the China Unicom format.

port port-number: Specifies the port number of the log host, in the range of 1 to 65535. The default is 514. It must be the same as the value configured on the log host. Otherwise, logs cannot be sent to the log host.

source-ip source-ip-address: Specifies the source IP address for logs sent to the log host. If you do not specify this option, the source IP address specified by the info-center loghost source command is used.

tcp: Uses TCP to send logs. The device uses UDP to send logs by default.

ssl-client-policy policy-name: Specifies an SSL client policy to encrypt the sent logs, a case-insensitive string of 1 to 31 characters. If you do not specify this option, logs are sent without encryption.

Usage guidelines

The info-center loghost command takes effect only after the information center is enabled by using info-center enable command.

The device supports specifying a maximum of 20 log hosts.

To use an SSL client policy to encrypt the logs sent to a log host, configure the SSL client policy first. If you have not configured the SSL client policy, the SSL connection cannot be established and logs cannot be sent to the log host. For more information about SSL client policy configuration, see SSL VPN configuration in Security Configuration Guide.

Examples

# Output logs to the log host at 1.1.1.1.

<Sysname> system-view

[Sysname] info-center loghost 1.1.1.1

# Output logs to the log host at 1.1.1.1. Use filter f1 to control ACL's log output to the log host.

<Sysname> system-view

[Sysname] info-center filter f1 acl level debugging

[Sysname] info-center loghost 1.1.1.1 filter f1

Related commands

info-center filter

info-center format

info-center source

ssl client-policy (Security Command Reference)

info-center loghost source

Use info-center loghost source to specify a source IP address for logs sent to log hosts.

Use undo info-center loghost source to restore the default.

Syntax

info-center loghost source interface-type interface-number

undo info-center loghost source

Default

The source IP address of logs sent to log hosts is the primary IP address of the outgoing interface.

Views

System view

Predefined user roles

network-admin

Parameters

interface-type interface-number: Specifies an interface by its type and number.

Usage guidelines

The device uses the primary IP address of the specified interface as the source IP address of the logs sent to log hosts.

The info-center loghost source command takes effect only after the information center is enabled by using info-center enable command.

The source IP address specified by the info-center loghost source command applies to all log hosts and that specified by the info-center loghost command applies to the specified log hosts. For a log host, the source IP address specified by the info-center loghost command takes precedence over that specified by the info-center loghost source command.

Examples

# Use the IP address of interface Loopback 0 as the source IP address of the logs sent to log hosts.

<Sysname> system-view

[Sysname] interface loopback 0

[Sysname-LoopBack0] ip address 2.2.2.2 32

[Sysname-LoopBack0] quit

[Sysname] info-center loghost source loopback 0

Related commands

info-center loghost

info-center security-logfile alarm-threshold

Use info-center security-logfile alarm-threshold to set the alarm threshold for security log file usage.

Use undo info-center security-logfile alarm-threshold to restore the default.

Syntax

info-center security-logfile alarm-threshold usage

undo info-center security-logfile alarm-threshold

Default

The alarm threshold for security log file usage is 80. When the usage of the security log file reaches 80%, the system outputs a message to inform the administrator.

Views

System view

Predefined user roles

network-admin

Parameters

usage: Specifies an alarm threshold. The value must be an integer in the range of 1 to 100.

Usage guidelines

When the security log file is full, the system deletes the oldest logs and then writes new logs to the security log file. This feature helps avoid security log loss by setting an alarm threshold for the security log file usage. When the threshold is reached, the system outputs log information to inform the administrator. The administrator can log in to the device with the security-audit user role and back up the security log file.

Examples

# Set the alarm threshold for security log file usage to 90.

<Sysname> system-view

[Sysname] info-center security-logfile alarm-threshold 90

Related commands

info-center security-logfile size-quota

info-center security-logfile directory

Use info-center security-logfile directory to specify the security log file directory.

Syntax

info-center security-logfile directory dir-name

Default

The security log file is saved in the seclog folder under the root directory of the storage device.

Views

System view

Predefined user roles

security-audit

Parameters

dir-name: Specifies a directory by its name, a string of 1 to 64 characters.

Usage guidelines

The specified directory must have been created.

The device uses the default security log file directory after a reboot or an active/standby MPU switchover.

Examples

# Set the security log file directory to flash:/test.

<Sysname> mkdir test

Creating directory flash:/test... Done.

<Sysname> system-view

[Sysname] info-center security-logfile directory flash:/test

info-center security-logfile enable

Use info-center security-logfile enable to enable saving of security logs to the security log file.

Use undo info-center security-logfile enable to disable saving of security logs to the security log file.

Syntax

info-center security-logfile enable

undo info-center security-logfile enable

Default

Saving of security logs to the security log file is disabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

This feature enables the device to output security logs to the security log file buffer, and then saves the buffered logs to the security log file regularly.

Examples

# Enable saving of security logs to the security log file.

<Sysname> system-view

[Sysname] info-center security-logfile enable

info-center security-logfile frequency

Use info-center security-logfile frequency to configure the interval for saving security logs to the security log file.

Use undo info-center security-logfile frequency to restore the default.

Syntax

info-center security-logfile frequency freq-sec

undo info-center security-logfile frequency

Default

The security log file saving interval is 86400 seconds.

Views

System view

Predefined user roles

network-admin

Parameters

freq-sec: Specifies the security log file saving interval in seconds. The value range is 10 to 86400 seconds.

Usage guidelines

The system outputs security logs to the security log file buffer, and then saves the buffered logs to the security log file at the specified interval.

Examples

# Set the security log file saving interval to 600 seconds.

<Sysname> system-view

[Sysname] info-center security-logfile frequency 600

Related commands

info-center security-logfile enable

info-center security-logfile size-quota

Use info-center security-logfile size-quota to set the maximum size for the security log file.

Use undo info-center security-logfile size-quota to restore the default.

Syntax

info-center security-logfile size-quota size

undo info-center security-logfile size-quota

Default

The maximum size for the security log file is 10 MB.

Views

System view

Predefined user roles

network-admin

Parameters

size: Sets the maximum size for the security log file, in MB. The value range is 1 to 10.

Examples

# Set the maximum size to 6 MB for the security log file.

<Sysname> system-view

[Sysname] info-center security-logfile size-quota 6

Related commands

info-center security-logfile alarm-threshold

info-center source

Use info-center source to configure a log output rule for a module.

Use undo info-center source to restore the default.

Syntax

info-center source { module-name | default } { console | logbuffer | logfile | loghost | monitor } { deny | level severity }

undo info-center source { module-name | default } { console | logbuffer | logfile | loghost | monitor }

Default

Table 10 lists the default log output rules.

Table 10 Default log output rules

Destination	Log source modules	Output switch	Severity
Console	All supported modules	Enabled	Debugging
Monitor terminal	All supported modules	Disabled	Debugging
Log host	All supported modules	Enabled	Informational
Log buffer	All supported modules	Enabled	Informational
Log file	All supported modules	Enabled	Informational

‌

Views

System view

Predefined user roles

network-admin

Parameters

module-name: Specifies a module by its name. You can use the info-center source ? command to view the modules supported by the device.

default: Specifies all supported modules.

console: Outputs logs to the console.

logbuffer: Outputs logs to the log buffer.

logfile: Outputs logs to the log file.

loghost: Outputs logs to the log host.

monitor: Outputs logs to the monitor terminal.

deny: Disables log output.

level severity: Specifies the lowest severity level for logs to be output. A severity level can be alert, critical, debugging, emergency, error, informational, notification, or warning. Logs at the specified severity level and higher levels are allowed to be output. For example, if you specify the warning severity in this option, the command will output logs at emergency, alert, critical, error, and warning levels. See Table 4 for more information about log severity levels.

Usage guidelines

If you do not set an output rule for a module, the module uses the output rule set by using the default keyword. If no rule is set by using the default keyword, the module uses the default output rule.

To modify or remove an output rule set for a module, you must use the module-name argument. A new output rule configured by using the default keyword does not take effect on the module.

If you execute this command for a module multiple times, the most recent configuration takes effect.

If you execute this command for the default modules multiple times, the most recent configuration takes effect.

Examples

# Output only ARP module's information with the emergency level to the console.

<Sysname> system-view

[Sysname] info-center source default console deny

[Sysname] info-center source arp console level emergency

# Based on the previous configuration, disable output of ARP module's information to the console so no system information is output to the console.

<Sysname> system-view

[Sysname] undo info-center source arp console

info-center synchronous

Use info-center synchronous to enable synchronous information output.

Use undo info-center synchronous to disable synchronous information output.

Syntax

info-center synchronous

undo info-center synchronous

Default

Synchronous information output is disabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

System log output interrupts ongoing configuration operations, including obscuring previously entered commands. Synchronous information output shows the obscured commands. It also provides a command prompt in command editing mode, or a [Y/N] string in interaction mode so you can continue your operation from where you were stopped.

Examples

# Enable synchronous information output, and then execute the display current-configuration command to view the current configuration of the device.

<Sysname> system-view

[Sysname] info-center synchronous

Info-center synchronous output is on

[Sysname] display current-

At this time, the system receives log information. It displays the log information first, and then displays your previous input, which is display current- in this example.

%May 21 14:33:19:425 2007 Sysname SHELL/5/SHELL_LOGIN: VTY logged in from 192.168.1.44

[Sysname] display current-

Enter configuration to complete the display current-configuration command, and press the Enter key to execute the command.

# Enable synchronous information output, and then save the current configuration (enter interactive information).

<Sysname> system-view

[Sysname] info-center synchronous

Info-center synchronous output is on

[Sysname] save

The current configuration will be written to the device. Are you sure? [Y/N]:

At this time, the system receives the log information. It displays the log information first and then displays [Y/N].

%May 21 14:33:19:425 2007 Sysname SHELL/5/SHELL_LOGIN: VTY logged in from 192.168.1.44

[Y/N]:

Enter Y or N to complete your input.

info-center syslog min-age

Use info-center syslog min-age to set the minimum storage period for log files and logs in the log buffer.

Use undo info-center syslog min-age to restore the default.

Syntax

info-center syslog min-age min-age

undo info-center syslog min-age

Default

The minimum storage period for log files and logs in the log buffer is not set.

Views

System view

Predefined user roles

network-admin

Parameters

min-age: Sets the minimum storage period in hours. The value range is 1 to 8760.

Examples

# Set the minimum storage period to 168 hours for log files and logs in the log buffer.

<Sysname> system-view

[Sysname] info-center syslog min-age 168

info-center syslog trap buffersize

Use info-center syslog trap buffersize to set the maximum number of log traps that can be stored in the log trap buffer.

Use undo info-center syslog trap buffersize to restore the default.

Syntax

info-center syslog trap buffersize buffersize

undo info-center syslog trap buffersize

Default

The log trap buffer can store a maximum of 1024 traps.

Views

System view

Predefined user roles

network-admin

Parameters

buffersize: Specifies the maximum number of log traps that can be stored in the log trap buffer. The value range is 0 to 65535. Value 0 indicates that the device does not buffer log traps.

Usage guidelines

Log traps are SNMP notifications stored in the log trap buffer. After the snmp-agent trap enable syslog command is configured, the device sends log messages in SNMP notifications to the log trap buffer. You can view the log traps by accessing the MIB corresponding to the trap buffer.

The default buffer size is usually used. You can adjust the buffer size according to your network condition. New traps overwrite the oldest traps when the log trap buffer is full.

Examples

# Set the log trap buffer size to 2048.

<Sysname> system-view

[Sysname] info-center syslog trap buffersize 2048

Related commands

snmp-agent trap enable syslog

info-center timestamp

Use info-center timestamp to set the timestamp format for logs sent to the console, monitor terminal, log buffer, and log file.

Use undo info-center timestamp to restore the default.

Syntax

info-center timestamp { boot | date | none }

undo info-center timestamp

Default

The timestamp format for logs sent to the console, monitor terminal, log buffer, and log file is date.

Views

System view

Predefined user roles

network-admin

Parameters

boot: Sets the timestamp format to xxx.yyy, where xxx is the most significant 32 bits (in milliseconds) and yyy is the least significant 32 bits. For example, 0.21990989 equals Jun 25 14:09:26:881 2007. The boot time shows the time since system startup.

date: Sets the timestamp format to MMM DD hh:mm:ss:xxx YYYY, such as Dec  8 10:12:21:708 2007. The date time shows the current system time.

·     MMM: Abbreviations of the months in English, which could be Jan, Feb, Mar, Apr, May, Jun, Jul, Aug, Sep, Oct, Nov, or Dec.

·     DD: Date, starting with a space if it is less than 10, for example " 7".

·     hh:mm:ss:xxx: Local time, with hh in the range of 00 to 23, mm and ss in the range of 00 to 59, and xxx in the range of 0 to 999.

·     YYYY: Year.

none: Indicates no time information is provided.

Examples

# Set the timestamp format to boot for logs sent to the console, monitor terminal, log buffer, and log file.

<Sysname> system-view

[Sysname] info-center timestamp boot

Related commands

info-center timestamp loghost

info-center timestamp loghost

Use info-center timestamp loghost to set the timestamp format for logs sent to log hosts.

Use undo info-center timestamp loghost to restore the default.

Syntax

info-center timestamp loghost { date | iso | no-year-date | none }

undo info-center timestamp loghost

Default

The timestamp format for logs sent to log hosts is date.

Views

System view

Predefined user roles

network-admin

Parameters

date: Sets the timestamp format to mmm dd hh:mm:ss yyyy, such as Dec  8 10:12:21 2007. The date time shows the current system time.

iso: Sets the ISO 8601 timestamp format, for example, 2009-09-21T15:32:55.

no-year-date: Sets the timestamp format to the current system date and time without year.

none: Indicates that no timestamp information is provided.

Examples

# Set the timestamp format to no-year-date for logs sent to log hosts.

<Sysname> system-view

[Sysname] info-center timestamp loghost no-year-date

Related commands

info-center timestamp

info-center trace-logfile directory

Use info-center trace-logfile directory to specify the trace log file directory on the storage device.

Syntax

info-center trace-logfile directory dir-name

Default

The trace log file is saved in the tracefile folder under the root directory of the storage device.

Views

System view

Predefined user roles

network-admin

Parameters

dir-name: Specifies a directory by its name, a string of 1 to 64 characters. The specified directory must have been created.

Usage guidelines

The device uses the default trace log file directory after a reboot or an active/standby MPU switchover.

Examples

# Set the trace log file directory to flash:/test.

<Sysname> mkdir test

Creating directory flash:/test... Done.

<Sysname> system-view

[Sysname] info-center trace-logfile directory flash:/test

Related commands

info-center trace-logfile enable

trace-logfile save

info-center trace-logfile enable

Use info-center trace-logfile enable to enable saving of trace logs to the trace log file.

Use undo info-center trace-logfile enable to disable saving of trace logs to the trace log file.

Syntax

info-center trace-logfile enable

undo info-center trace-logfile enable

Default

The saving of trace logs to the trace log file on the storage device is enabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

The device stores all trace logs in memory. After this command is executed, the device also saves trace logs with severity levels 0 through 3 to the trace log file on the storage device.

You can view the trace logs in the trace log file to monitor the device status.

Examples

# Enable the saving of trace logs to the trace log file.

<Sysname> system-view

[Sysname] info-center trace-logfile enable

Related commands

info-center trace-logfile directory

info-center trace-logfile frequency

info-center trace-logfile quota

trace-logfile save

info-center trace-logfile frequency

Use info-center trace-logfile frequency to configure the interval for saving trace logs to the trace log file.

Use undo info-center trace-logfile frequency to restore the default.

Syntax

info-center trace-logfile frequency freq-sec

undo info-center trace-logfile frequency

Default

The trace log file saving interval is 86400 seconds.

Views

System view

Predefined user roles

network-admin

Parameters

freq-sec: Specifies the trace log file saving interval in seconds. The value range is 10 to 86400 seconds.

Usage guidelines

After saving of trace logs to the trace log file is enabled, the device saves trace logs with severity levels 0 through 3 to the trace log file buffer, and then saves the buffered logs to the trace log file at the specified interval.

Examples

# Set the trace log file saving interval to 600 seconds.

<Sysname> system-view

[Sysname] info-center trace-logfile frequency 600

Related commands

info-center trace-logfile enable

info-center trace-logfile quota

Use info-center trace-logfile quota to set the maximum trace log file size.

Use undo info-center trace-logfile quota to restore the default.

Syntax

info-center trace-logfile quota size

undo info-center trace-logfile quota

Default

The maximum size for the trace log file is 1 MB.

Views

System view

Predefined user roles

network-admin

Parameters

size: Sets the maximum trace log file size in MB.The value range is 1 to 10.

Usage guidelines

This command sets the maximum size for the trace log files stored on the storage device and in the memory.

Examples

# Set the maximum trace log file size to 6 MB.

<Sysname> system-view

[Sysname] info-center trace-logfile quota 6

logfile save

Use logfile save to manually save logs in the log file buffer to the log file.

Syntax

logfile save

Views

Any view

Predefined user roles

network-admin

Usage guidelines

You can specify the directory to save the log file by using the info-center logfile directory command.

The device clears the log file buffer after saving the buffered logs to the log file automatically or manually.

If the log file buffer is empty, this command displays a success message even though no logs are saved to the log file.

Examples

# Manually save logs from the log file buffer to a log file.

<Sysname> logfile save

The contents in the log file buffer have been saved to the file flash:/logfile/logfile.log.

Related commands

info-center logfile enable

info-center logfile directory

reset logbuffer

Use reset logbuffer to clear the log buffer.

Syntax

reset logbuffer

Views

User view

Predefined user roles

network-admin

Examples

# Clear the log buffer.

<Sysname> reset logbuffer

Related commands

display logbuffer

security-logfile save

Use security-logfile save to manually save security logs from the security log file buffer to the security log file.

Syntax

security-logfile save

Views

Any view

Predefined user roles

security-audit

Usage guidelines

The device clears the security log file buffer after saving the buffered security logs to the security log file automatically or manually.

If the security log file buffer is empty, this command displays a success message even though no security logs are saved to the security log file.

To use this command, a local user must have the security-audit user role. For information about configuring the security-audit user role, see BRAS Services Command Reference.

Examples

# Manually save the security logs in the security log file buffer to the security log file.

<Sysname> security-logfile save

The contents in the security log file buffer have been saved to the file flash:/seclog/seclog.log.

Related commands

info-center security-logfile directory

authorization-attribute (BRAS Services Command Reference)

simulate syslog

Use simulate syslog to simulate generating system logs for specific service modules.

Syntax

simulate syslog { module module-name level level mnemonic mnemonic-value content TEXT | raw TEXT }

Views

System view

Predefined user roles

network-admin

Parameters

module module-name: Specifies a service module by its name, in a case-insensitive string of 1 to 8 characters. The system will convert the field value to uppercase characters uniformly when it outputs logs.

level severity: Specifies the severity level of the logs to be generated, in the range of 0 to 7.

mnemonic mnemonic-value: Generates logs with the specified mnemonic value. The mnemonic-value argument is a case-insensitive string of 1 to 32 characters, which must be the complete value contained in the mnemonic field of a log message. The system will convert the field value to uppercase characters uniformly when it outputs logs.

content TEXT: Specifies the log content to be generated.

raw TEXT: Configures the logs to be generated in text.

Usage guidelines

Application scenarios

When the triggering conditions occur, the device generates logs to record its current status or events. This command is used to simulate generating specified logs on the device before the triggering conditions occur. These logs are sent to the information center module for output. This is used to test if the device's logging function is working properly and if the log output parameters are configured correctly.

Configuration requirements

The logs specified by this command must be in the format of Module/Level/Mnemonic: Content:

·     Module—Any string specified as needed or name of a service module available on the device. To obtain the names of service modules available on the device, execute the simulate syslog module ? command.

·     Level—Severity level of logs.

·     Mnemonic—Complete value contained in the mnemonic field of a log message. This field value can be any string specified as needed or a mnemonic available on the device.

·     Content—Log content, a string that can contain spaces.

You can configure simulation logs to be generated in the following methods:

·     Field-based configuration method

You can specify the module, severity level, mnemonic, and log content by using the module module-name, level level, mnemonic mnemonic-value, and content TEXT, respectively. The device will automatically assemble these field values in the format of Module/Level/Mnemonic: Content.

·     Overall input configuration method

¡     Use the raw TEXT option to configure the Module/Level/Mnemonic: Content as a whole.

¡     The values for Module, Level, and Mnemonic cannot contain spaces.

¡     As a best practice, do not input additional slashes (/), other than the ones used to separate the Module, Level, and Mnemonic fields. If you fail to do so, the final log output results might be affected.

¡     If a space exists before Module/Level/Mnemonic: Content and there are characters before the space, these characters and the space will not be output as part of log messages. For example, if you configure simulate syslog raw %Jan  1 07:27:48:636 2000 Sysname ARP/6/DUPIFIP:Duplicate address 172.16.0.1 on interface Vlan-interface100, sourced from 00e0-0058-123d., the device outputs only ARP/6/DUPIFIP:Duplicate address 172.16.0.1 on interface Vlan-interface100, sourced from 00e0-0058-123d. as the log message, excluding %Jan  1 07:27:48:636 2000 Sysname.

Prerequisites

This command triggers the generation of log information that will be sent to the device's information center module. By setting the information center's parameters, you can determine the output rules of the log information (whether to allow output and output direction).

With information center configuration, you can view the logs in the console, monitoring terminal, log buffer, and log file. If a log host is configured, you can also receive the logs on the log host.

Examples

# Configure simulation output of system logs in the field-based configuration method. Specify the service module as acl, severity level as 4, mnemonic as acl_accelerate_no_res, and log content as Failed to accelerate IPv6 ACL 2001. The resources are insufficient..

<Sysname> system-view

[Sysname] simulate syslog module acl mnemonic acl_accelerate_no_res level 4 context Failed to accelerate IPv6 ACL 2001. The resources are insufficient.

After the above configuration, you can view the following log message from the console:

*Jan 1 07:27:48:636 2022 Sysname ACL/4/ACL_ACCELERATE_NO_RES: Failed to accelerate IPv6 ACL 2001. The resources are insufficient.

*Jan 1 07:27:48:636 2022 is the log output time automatically added by the system and Sysname is the device named automatically added by the system.

# Configure simulation output of system logs in the overall input configuration method. Specify the service module as acl, severity level as 4, mnemonic as acl_accelerate_no_res, and log content as Failed to accelerate IPv6 ACL 2001. The resources are insufficient..

<Sysname> system-view

[Sysname] simulate syslog raw ACL/4/ACL_ACCELERATE_NO_RES: Failed to accelerate IPv6 ACL 2001. The resources are insufficient.

After the above configuration, you can view the following log message from the console:

*Jan 1 07:27:48:636 2022 Sysname ACL/4/ACL_ACCELERATE_NO_RES: Failed to accelerate IPv6 ACL 2001. The resources are insufficient.

*Jan 1 07:27:48:636 2022 is the log output time automatically added by the system and Sysname is the device named automatically added by the system.

snmp-agent trap enable syslog

Use snmp-agent trap enable syslog to enable SNMP notifications for log messages.

Use undo snmp-agent trap enable syslog to disable SNMP notifications for log messages.

Syntax

snmp-agent trap enable syslog

undo snmp-agent trap enable syslog

Default

The device does not send SNMP notifications for log messages.

Views

System view

Predefined user roles

network-admin

Usage guidelines

This command enables the device to send an SNMP notification for each log message it outputs. The device encapsulates logs in SNMP notifications and then sends them to the SNMP module and the log trap buffer.

For the SNMP module to send the received SNMP notifications correctly, you must also configure SNMP on the device. For more information about SNMP configuration, see the network management and monitoring configuration guide for the device.

To view the traps in the log trap buffer, access the MIB corresponding to the log trap buffer. The log trap buffer size can be set by using the info-center syslog trap buffersize command.

Examples

# Enable the device to send SNMP notifications for log messages.

<Sysname> system-view

[Sysname] snmp-agent trap enable syslog

Related commands

info-center syslog trap buffersize

terminal debugging

Use terminal debugging to enable output of debugging messages (debugging-level log messages) to the current terminal.

Use undo terminal debugging to disable output of debugging messages (debugging-level log messages) to the current terminal.

Syntax

terminal debugging

undo terminal debugging

Default

Output of debugging messages to the current terminal is disabled.

Views

User view

Predefined user roles

network-admin

Usage guidelines

This command enables output of debugging-level log messages to the current terminal.

To enable output of debugging messages to the console, perform the following tasks:

1.     Execute the terminal debugging command.

2.     Enable the information center. The information center is enabled by default.

3.     Use a debugging command to enable the related debugging.

To enable output of debugging messages to the monitor terminal, perform the following tasks:

1.     Execute the terminal monitor and terminal debugging commands.

2.     Enable the information center. The information center is enabled by default.

3.     Use a debugging command to enable the related debugging.

This command takes effect only for the current connection between the terminal and the device. If a new connection is established, the default is restored.

You can also enable output of debugging messages to the current terminal by executing the terminal logging level 7 command. The terminal logging level 7 command and the terminal debugging command have the following differences:

·     The terminal logging level 7 command enables log output for all log severity levels (levels 0 through 7).

·     The terminal debugging command enables log output for the following log severity levels:

¡     Debugging level (level 7).

¡     Severity level higher than or equal to the level specified in the terminal logging level command.

Examples

# Enable output of debugging messages to the current terminal.

<Sysname> terminal debugging

The current terminal is enabled to display debugging information.

Related commands

terminal logging level

terminal monitor

terminal logging level

Use terminal logging level to set the lowest level of logs that can be output to the current terminal.

Use undo terminal logging level to restore the default.

Syntax

terminal logging level severity

undo terminal logging level

Default

The lowest level of logs that can be output to the current terminal is 6 (informational).

Views

User view

Predefined user roles

network-admin

Parameters

severity: Specifies a log severity level by its number or name. Supported log severity levels are 0 (emergency), 1 (alert), 2 (critical), 3 (error), 4 (warning), 5 (notification), 6 (informational), and 7 (debugging).

Usage guidelines

This command enables the device to output logs with a severity level higher than or equal to the specified level to the current terminal. For example, if you set the severity argument to 6 or informational, logs with a severity value from 0 to 6 are output to the current terminal.

This command takes effect only for the current connection between the terminal and the device. If a new connection is established, the default is restored.

Examples

# Configure the device to output logs with the debugging level and higher levels to the current terminal.

<Sysname> terminal logging level 7

terminal monitor

Use terminal monitor to enable log output to the current terminal.

Use undo terminal monitor to disable log output to the current terminal.

Syntax

terminal monitor

undo terminal monitor

Default

Log output to the console is enabled, and log output to the monitor terminal is disabled.

Views

User view

Predefined user roles

network-admin

Usage guidelines

This command takes effect only for the current connection between the terminal and the device. If a new connection is established, the default is restored.

Examples

# Enable log output to the current terminal.

<Sysname> terminal monitor

The current terminal is enabled to display logs.

trace-logfile save

Use trace-logfile save to manually save logs in the trace log file buffer to the trace log file.

Syntax

trace-logfile save

Views

Any view

Predefined user roles

network-admin

Usage guidelines

The device clears the trace log file buffer after you manually save the buffered trace logs to the trace log file.

If the trace log file buffer is empty, this command displays a success message even though no trace logs are saved to the trace log file.

Examples

# Manually save trace logs from the trace log file buffer to the trace log file.

<Sysname> trace-logfile save

The contents in the trace log file buffer have been saved to the file flash:/tracefile/tracefile.log.

Related commands

info-center trace-logfile enable

info-center trace-logfile directory