Login
- Table of Contents
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 03-Information center configuration | 231.60 KB |
Configuring the information center
Default output rules for hidden logs
Log formats and field descriptions
Information center tasks at a glance
Enabling the information center
Outputting logs to various destinations
Outputting logs to the console
Outputting logs to the monitor terminal
Outputting logs to the log buffer
Setting the minimum storage period
Enabling synchronous information output
Configuring the character set encoding used on the information center
Enabling duplicate log suppression
Configuring log suppression for a module
Disabling an interface from generating link up or link down logs
Performing integrity check for a log file
Display and maintenance commands for information center
Information center configuration examples
Example: Outputting logs to the console
Example: Outputting logs to a UNIX log host
Configuring the information center
About the information center
The information center on the device receives logs generated by source modules and outputs logs to different destinations according to log output rules. Based on the logs, you can monitor device performance and troubleshoot network problems.
Figure 1 Information center diagram
Log types
Logs are classified into the following types:
· Standard system logs—Record common system information. Unless otherwise specified, the term "logs" in this document refers to standard system logs.
· Hidden logs—Record log information not displayed on the terminal, such as input commands.
· Trace logs—Record system tracing and debugging messages, which can be viewed only after the devkit package is installed.
Log levels
Logs are classified into eight severity levels from 0 through 7 in descending order. The information center outputs logs with a severity level that is higher than or equal to the specified level. For example, if you specify a severity level of 6 (informational), logs that have a severity level from 0 to 6 are output.
|
Severity value |
Level |
Description |
|
0 |
Emergency |
The system is unusable. For example, the system authorization has expired. |
|
1 |
Alert |
Action must be taken immediately. For example, traffic on an interface exceeds the upper limit. |
|
2 |
Critical |
Critical condition. For example, the device temperature exceeds the upper limit, the power module fails, or the fan tray fails. |
|
3 |
Error |
Error condition. For example, the link state changes. |
|
4 |
Warning |
Warning condition. For example, an interface is disconnected, or the memory resources are used up. |
|
5 |
Notification |
Normal but significant condition. For example, a terminal logs in to the device, or the device reboots. |
|
6 |
Informational |
Informational message. For example, a command or a ping operation is executed. |
|
7 |
Debugging |
Debugging message. |
Log destinations
The system outputs logs to the following destinations: console, monitor terminal, log buffer, and log host. Log output destinations are independent and you can configure them after enabling the information center. One log can be sent to multiple destinations.
Default output rules for logs
A log output rule specifies the source modules and severity level of logs that can be output to a destination. Logs matching the output rule are output to the destination. Table 2 shows the default log output rules.
|
Destination |
Log source modules |
Output switch |
Severity |
|
Console |
All supported modules |
Enabled |
Debugging |
|
Monitor terminal |
All supported modules |
Disabled |
Debugging |
|
Log host |
All supported modules |
Enabled |
Informational |
|
Log buffer |
All supported modules |
Enabled |
Informational |
Default output rules for hidden logs
Hidden logs can be output to the log host and the log buffer. Table 3 shows the default output rules for hidden logs.
Table 3 Default output rules for hidden logs
|
Destination |
Log source modules |
Output switch |
Severity |
|
Log host |
All supported modules |
Enabled |
Informational |
|
Log buffer |
All supported modules |
Enabled |
Informational |
Log formats and field descriptions
Log formats
The format of logs varies by output destinations. The following table shows the original format of log information, which might be different from what you see. The actual format varies by the log resolution tool used.
Table 4 Log formats
|
Output destination |
Format |
|
Console, monitor terminal, or log buffer |
Example: |
|
Log host |
Non-customized format: Example: CMCC format: Example: RFC 5424 format: Example: Unicom format: Example: |
Log field description
Table 5 Log field description
|
Field |
Description |
|
Prefix (information type) |
A log sent to the console, monitor terminal, or log buffer has an identifier in front of the timestamp: · An identifier of percent sign (%) indicates a log with a level equal to or higher than informational. · An identifier of asterisk (*) indicates a debugging log or a trace log. · An identifier of caret (^) indicates a diagnostic log. |
|
PRI (priority) |
A log destined for the log host has a priority identifier in front of the timestamp. The priority is calculated by using this formula: facility*8+level, where: · facility is the facility name. Facility names local0 through local7 correspond to values 16 through 23. The facility name can be configured using the info-center loghost command. It is used to identify log sources on the log host, and to query and filter the logs from specific log sources. · level is in the range of 0 to 7. See Table 1 for more information about severity levels. |
|
Timestamp |
Records the time when the log was generated. Logs sent to the log host and those sent to the other destinations have different timestamp precisions, and their timestamp formats are configured with different commands. For more information, see Table 6 and Table 7. |
|
appcode |
Specifies the code of the module that generated the log. This field exists only in logs that are sent to the log host in DamDDoS format. |
|
vendor |
Vendor of the device that generated the log. This field exists only in logs that are sent to the log host in DamDDoS format. |
|
Hostip |
Source IP address of the log. If the info-center loghost source command is configured, this field displays the IP address of the specified source interface. Otherwise, this field displays the sysname. This field exists only in logs that are sent to the log host in unicom format. |
|
sn/Serial number |
Serial number of the device that generated the log. To view the device serial number, see the DEVICE_SERIAL_NUMBER field in the output of the display device manuinfo command. This field exists only in logs that are sent to the log host in Unicom format. |
|
Sysname (host name or host IP address) |
The sysname is the host name or IP address of the device that generated the log. You can use the sysname command to modify the name of the device. |
|
%% (vendor ID) |
Indicates that the information was generated by an H3C device. This field exists only in logs sent to the log host. |
|
vv (version information) |
Identifies the version of the log, and has a value of 10. This field exists only in logs that are sent to the log host. |
|
Module |
Specifies the name of the module that generated the log. You can enter the info-center source ? command in system view to view the module list. |
|
Level |
Identifies the level of the log. See Table 1 for more information about severity levels. |
|
log_type/Mnemonic |
Mnemonic: Describes the content of the log. It contains a string of up to 32 characters. |
|
Location |
Optional field that identifies the log sender. This field exists only in logs that are sent to the log host in non-customized or CMCC format. The field contains the following information: · Devlp—IP address of the log sender. This field is available only when you configure the info-center loghost source command. · SN—Serial
number of the device that generated the log. To view the device serial
number, see the DEVICE_SERIAL_NUMBER field in the output of the display
device manuinfo command. |
|
SysLoc |
Optional field that identifies the system information of the logs. This field exists only in logs that are sent to the log host in RFC 5424 format. The field contains the following information: · SysLoc@—Vendor number of the device that generates logs. · VendorID—Vendor ID. Currently, the fixed value is 10. · Level—Log level. · SN—Serial
number of the device that generated the log. To view the device serial
number, see the DEVICE_SERIAL_NUMBER field in the output of the display
device manuinfo command. |
|
AppLoc |
Optional field that identifies the module information of the logs. This field exists only in logs that are sent to the log host in RFC 5424 format. The field contains the following information: · AppLoc@—Vendor number of the device that generates logs. · Line—User line used by the current user for login. · IPAddr—IP address used for user login. · User—Username for login. |
|
Content |
Provides the content of the log. |
Table 6 Timestamp precisions and configuration commands
|
Item |
Destined for the log host |
Destined for the console, monitor terminal, log buffer, and log file |
|
Precision |
Seconds |
Milliseconds |
|
Command used to set the timestamp format |
info-center timestamp loghost |
info-center timestamp |
Table 7 Description of the timestamp parameters
|
Timestamp parameters |
Description |
|
boot |
Time that has elapsed since system startup, in the format of xxx.yyy. xxx represents the higher 32 bits, and yyy represents the lower 32 bits, of milliseconds elapsed. Logs that are sent to all destinations other than a log host support this parameter. Example: 0.109391473 is a timestamp in the boot format. |
|
date |
Current date and time. · For logs output to a log host, the timestamp can be in the format of mmm dd hh:mm:ss yyyy (accurate to seconds) or mmm dd hh:mm:ss.ms yyyy (accurate to milliseconds). · For logs output to other destinations, the timestamp is in the format of MMM DD hh:mm:ss:ms YYYY. All logs support this parameter. Example: May 30 05:36:29:579 2018 is a timestamp in the date format in logs sent to the console. |
|
iso |
Timestamp format stipulated in ISO 8601, accurate to seconds (default) or milliseconds. Only logs that are sent to a log host support this parameter. Example: 2018-05-30T06:42:44 is a timestamp in the iso format accurate to seconds. A timestamp accurate to milliseconds is like 2018-05-30T06:42:44.708. |
|
none |
No timestamp is included. All logs support this parameter. Example: No timestamp is included. |
|
no-year-date |
Current date and time without year information, in the format of MMM DD hh:mm:ss:ms. Only logs that are sent to a log host support this parameter. Example: May 30 06:44:22 is a timestamp in the no-year-date format. |
Information center tasks at a glance
Managing standard system logs
1. Enabling the information center
2. Outputting logs to various destinations
Choose the following tasks as needed:
¡ Outputting logs to the console
¡ Outputting logs to the monitor terminal
¡ Outputting logs to log hosts
¡ Outputting logs to the log buffer
3. (Optional.) Setting the minimum storage period
4. (Optional.) Enabling synchronous information output
5. (Optional.) Configuring the character set encoding
6. (Optional.) Configuring log suppression
Choose the following tasks as needed:
¡ Enabling duplicate log suppression
¡ Configuring log suppression for a module
¡ Disabling an interface from generating link up or link down logs
Managing hidden logs
1. Enabling the information center
2. Outputting logs to various destinations
Choose the following tasks as needed:
¡ Outputting logs to log hosts
¡ Outputting logs to the log buffer
3. (Optional.) Setting the minimum storage period
4. (Optional.) Enabling duplicate log suppression
Managing trace logs
1. Enabling the information center
2. (Optional.) Enabling duplicate log suppression
Enabling the information center
About this task
The information center can output logs only after it is enabled.
Procedure
1. Enter system view.
system-view
2. Enable the information center.
info-center enable
The information center is enabled by default.
Outputting logs to various destinations
Outputting logs to the console
Restrictions and guidelines
The terminal monitor, terminal debugging, and terminal logging commands take effect only for the current connection between the terminal and the device. If a new connection is established, the default is restored.
Procedure
1. Enter system view.
system-view
2. Configure an output rule for sending logs to the console.
info-center source { module-name | default } console { deny | level severity }
For information about default output rules, see "Default output rules for logs."
3. (Optional.) Configure the timestamp format.
info-center timestamp { boot | date | none }
The default timestamp format is date.
4. Return to user view.
quit
5. Enable log output to the console.
terminal monitor
By default, log output to the console is enabled.
6. Enable output of debugging messages to the console.
terminal debugging
By default, output of debugging messages to the console is disabled.
This command enables output of debugging-level log messages to the console.
7. Set the lowest severity level of logs that can be output to the console.
terminal logging level severity
The default setting is 6 (informational).
Outputting logs to the monitor terminal
About this task
Monitor terminals refer to terminals that log in to the device through the VTY line.
Restrictions and guidelines
The terminal monitor, terminal debugging, and terminal logging commands take effect only for the current connection between the terminal and the device. If a new connection is established, the default is restored.
Procedure
1. Enter system view.
system-view
2. Configure an output rule for sending logs to the monitor terminal.
info-center source { module-name | default } monitor { deny | level severity }
For information about default output rules, see "Default output rules for logs."
3. (Optional.) Configure the timestamp format.
info-center timestamp { boot | date | none }
The default timestamp format is date.
4. Return to user view.
quit
5. Enable log output to the monitor terminal.
terminal monitor
By default, log output to the monitor terminal is disabled.
6. Enable output of debugging messages to the monitor terminal.
terminal debugging
By default, output of debugging messages to the monitor terminal is disabled.
This command enables output of debugging-level log messages to the monitor terminal.
7. Set the lowest level of logs that can be output to the monitor terminal.
terminal logging level severity
The default setting is 6 (informational).
Outputting logs to log hosts
1. Enter system view.
system-view
2. Configure a log output filter or a log output rule. Choose one option as needed:
¡ Configure a log output filter.
info-center filter filter-name { module-name [ mnemonic mnemonic-value ] | default } { deny | level severity }
By default, no log output filters exist.
You can create multiple log output filters. When specifying a log host, you can apply a log output filter to the log host to control log output.
¡ Configure a log output rule for the log host output destination.
info-center source { module-name | default } loghost { deny | level severity }
For information about default output rules, see "Default output rules for logs."
The system chooses the settings to control log output to a log host in the following order:
a. Log output filter applied to the log host.
b. Log output rules configured for the log host output destination by using the info-center source command.
c. Default log output rules (see "Default output rules for logs").
3. (Optional.) Specify a source IP address for output logs.
info-center loghost source interface-type interface-number
By default, the source IP address of output logs is the primary IP address of their outgoing interfaces.
4. (Optional.) Specify the format in which logs are output to log hosts.
info-center format { cmcc | rfc5424 | unicom }
By default, logs are output to log hosts in non-customized format.
5. (Optional.) Add the device serial number to the location field of logs sent to log hosts.
info-center loghost locate-info with-sn
By default, the device does not add the device serial number to the location field of logs sent to log hosts.
6. (Optional.) Configure the timestamp format.
info-center timestamp loghost { date [ with-milliseconds ] | iso [ with-milliseconds ] | no-year-date | none }
The default timestamp format is date.
7. Specify a log host and configure related parameters.
info-center loghost { hostname | ipv4-address | ipv6 ipv6-address } [ facility local-number | filter filter-name | format { cmcc | default | rfc5424 | unicom } | port port-number | source-ip source-ip-address | tcp [ ssl-client-policy policy-name ] ] *
By default, no log hosts or related parameters are specified.
The value for the port-number argument must be the same as the value configured on the log host. Otherwise, the log host cannot receive logs.
The format specified by the info-center loghost command takes precedence over the format specified by the info-center format command. The source IP address specified by the info-center loghost command takes precedence over the source IP address specified by the info-center loghost source command.
To use an SSL client policy to encrypt the logs sent to a log host, configure the SSL client policy first. If you have not configured the SSL client policy, the SSL connection cannot be established and logs cannot be sent to the log host. For more information about SSL client policy configuration, see SSL VPN configuration in Security Configuration Guide.
Outputting logs to the log buffer
About this task
This feature enables log output to the log buffer. You can use the display logbuffer command to display the log buffer information and the buffered logs.
Procedure
1. Enter system view.
system-view
2. (Optional.) Configure an output rule for sending logs to the log buffer.
info-center source { module-name | default } logbuffer { deny | level severity }
For information about the default output rules, see "Default output rules for logs."
3. (Optional.) Configure the timestamp format.
info-center timestamp { boot | date | none }
The default timestamp format is date.
4. Enable log output to the log buffer.
info-center logbuffer
By default, log output to the log buffer is enabled.
5. (Optional.) Set the maximum log buffer size.
info-center logbuffer size buffersize
By default, a maximum of 512 logs can be buffered.
Setting the minimum storage period
About this task
Use this feature to set the minimum storage period for logs in the log buffer and log file. This feature ensures that logs will not be overwritten by new logs during a set period of time.
By default, when the log buffer or log file is full, new logs will automatically overwrite the oldest logs. After the minimum storage period is set, the system identifies the storage period of a log to determine whether to delete the log. The system current time minus a log's generation time is the log's storage period.
· If the storage period of a log is shorter than or equal to the minimum storage period, the system does not delete the log. The new log will not be saved.
· If the storage period of a log is longer than the minimum storage period, the system deletes the log to save the new log.
Procedure
1. Enter system view.
system-view
2. Set the minimum storage period for logs.
info-center syslog min-age min-age
By default, the log minimum storage period is not set.
Enabling synchronous information output
About this task
System log output interrupts ongoing configuration operations, obscuring previously entered commands. Synchronous information output shows the obscured commands. It also provides a command prompt in command editing mode, or a [Y/N] string in interaction mode so you can continue your operation from where you were stopped.
Procedure
1. Enter system view.
system-view
2. Enable synchronous information output.
info-center synchronous
By default, synchronous information output is disabled.
Configuring the character set encoding used on the information center
About this task
The information center supports outputting log messages by using the GB18030 or UTF-8 encoding. By default, the GB18030 encoding is used.
For the login terminal to correctly display Chinese characters in log messages received from the information center, the information center and the terminal must use the same character set encoding.
Procedure
1. Enter system view.
system-view
2. Enable the information center to use the UTF-8 encoding.
info-center syslog utf-8 enable
By default, the information center uses the GB18030 encoding for outputting log messages.
Configuring log suppression
Enabling duplicate log suppression
About this task
The information center on the device outputs logs generated by service modules. The device identifies logs that have the same module name, level, mnemonic, location, and text as duplicate logs.
In some scenarios, for example, ARP attack or link failure, the service modules will generate a large volume of duplicate logs during a short period of time. Recording and output of consecutive duplicate logs wastes system and network resources. To resolve this issue, you can enable duplicate log suppression.
With this feature enabled, when a service module generates a log, the information center outputs the log and starts the duplicate log suppression timer. The suppression period of the duplicate log suppression timer varies by phase. The suppression periods in phase 1, 2, and later phases are 30 seconds, 2 minutes, and 10 minutes, respectively.
After you enable duplicate log suppression, the system starts suppression upon outputting a log:
· If only duplicate logs of the log are received during the suppression period of a phase, the information center does not output the duplicate logs. When the suppression period of the phase expires, the information center outputs the suppressed log and the number of times the log is suppressed, and starts the next suppression phase.
· If a different log is received during the suppression period of any phase, the information center performs the following operations:
¡ Stops suppression on the log, and outputs the suppressed log and the number of times the log is suppressed.
¡ Outputs the different log and starts phase-1 suppression for that log.
· If no log is received within the suppression period of any phase, the information center deletes the duplicate log suppression timer, stops suppression on the log, and does not output any log.
Procedure
1. Enter system view.
system-view
2. Enable duplicate log suppression.
info-center logging suppress duplicates
By default, duplicate log suppression is disabled.
Examples
The following example uses SHELL_CMD logs to verify the duplicate log suppression feature. After the user executes a command on the device, the information center receives a SHELL_CMD log generated by the shell module, encapsulates the log, and then outputs the log to the log buffer.
1. Verify the suppression effect in phases 1, 2, 3, and 4 of a log (with suppression period of 30 seconds, 2 minutes, 10 minutes, and 10 minutes):
# In a lab environment, continuously execute the display logbuffer command for 25 minutes.
# View the output logs in the log buffer.
<Sysname> display logbuffer
Log buffer: Enabled
Max buffer size: 1024
Actual buffer size: 512
Dropped messages: 0
Overwritten messages: 0
Current messages: 5
%Jul 20 13:01:20:615 2022 Sysname SHELL/6/SHELL_CMD: -Line=con0-IPAddr=**-User=**; Command is display logbuffer
%Jul 20 13:01:50:718 2022 Sysname SHELL/6/SHELL_CMD: -Line=con0-IPAddr=**-User=**; Command is display logbuffer This message repeated 2 times in last 30 seconds.
%Jul 20 13:03:50:732 2022 Sysname SHELL/6/SHELL_CMD: -Line=con0-IPAddr=**-User=**; Command is display logbuffer This message repeated 5 times in last 2 minutes.
%Jul 20 13:13:50:830 2022 Sysname SHELL/6/SHELL_CMD: -Line=con0-IPAddr=**-User=**; Command is display logbuffer This message repeated 10 times in last 10 minutes.
%Jul 20 13:23:50:211 2022 Sysname SHELL/6/SHELL_CMD: -Line=con0-IPAddr=**-User=**; Command is display logbuffer This message repeated 6 times in last 10 minutes.
The output shows the following information:
¡ The information center received the log SHELL/6/SHELL_CMD: -Line=con0-IPAddr=**-User=**; Command is display logbuffer.
¡ In phase 1, the log was suppressed twice by the information center.
¡ In phase 2, the log was suppressed five times by the information center.
¡ In phase 3, the log was suppressed 10 times by the information center.
¡ In phase 4, the log was suppressed six times by the information center.
2. Continue to verify how duplicate log suppression works when a different log is received during the suppression period of a log:
# Execute the display logbuffer command three times, and then execute the display interface brief command.
# View the output logs in the log buffer.
<Sysname> display logbuffer
Log buffer: Enabled
Max buffer size: 1024
Actual buffer size: 512
Dropped messages: 0
Overwritten messages: 0
Current messages: 5
%Jul 20 13:01:20:615 2022 Sysname SHELL/6/SHELL_CMD: -Line=con0-IPAddr=**-User=**; Command is display logbuffer
%Jul 20 13:01:50:718 2022 Sysname SHELL/6/SHELL_CMD: -Line=con0-IPAddr=**-User=**; Command is display logbuffer This message repeated 2 times in last 30 seconds.
%Jul 20 13:03:50:732 2022 Sysname SHELL/6/SHELL_CMD: -Line=con0-IPAddr=**-User=**; Command is display logbuffer This message repeated 5 times in last 2 minutes.
%Jul 20 13:13:50:830 2022 Sysname SHELL/6/SHELL_CMD: -Line=con0-IPAddr=**-User=**; Command is display logbuffer This message repeated 10 times in last 10 minutes.
%Jul 20 13:23:50:211 2022 Sysname SHELL/6/SHELL_CMD: -Line=con0-IPAddr=**-User=**; Command is display logbuffer This message repeated 6 times in last 10 minutes.
%Jul 20 13:24:56:205 2022 Sysname SHELL/6/SHELL_CMD: -Line=con0-IPAddr=**-User=**; Command is display logbuffer This message repeated 3 times in last 1 minute 6 seconds.
%Jul 20 13:25:41:205 2022 Sysname SHELL/6/SHELL_CMD: -Line=con0-IPAddr=**-User=**; Command is display interface brief.
<Sysname>
The output shows the following information:
¡ The information center stopped suppression for the log SHELL/6/SHELL_CMD: -Line=con0-IPAddr=**-User=**; Command is display logbuffer.
¡ The information center output the log SHELL/6/SHELL_CMD: -Line=con0-IPAddr=**-User=**; Command is display interface brief, and started suppression for it.
Configuring log suppression for a module
About this task
This feature suppresses output of logs. You can use this feature to filter out the logs that you are not concerned with.
Perform this task to configure a log suppression rule to suppress output of all logs or logs with a specific mnemonic value for a module.
Procedure
1. Enter system view.
system-view
2. Configure a log suppression rule for a module.
info-center logging suppress module module-name mnemonic { all | mnemonic-value }
By default, the device does not suppress output of any logs from any modules.
Disabling an interface from generating link up or link down logs
About this task
By default, an interface generates link up or link down log information when the interface state changes. In some cases, you might want to disable certain interfaces from generating this information. For example:
· You are concerned about the states of only some interfaces. In this case, you can use this function to disable other interfaces from generating link up and link down log information.
· An interface is unstable and continuously outputs log information. In this case, you can disable the interface from generating link up and link down log information.
Use the default setting in normal cases to avoid affecting interface status monitoring.
Procedure
1. Enter system view.
system-view
2. Enter interface view.
interface interface-type interface-number
3. Disable the interface from generating link up or link down logs.
undo enable log updown
By default, an interface generates link up and link down logs when the interface state changes.
Performing integrity check for a log file
About this task
When the information center saves a log message to the log file, it uses the default device master key to calculate a digest for the log file and saves the digest in the log file. The digest is used to perform integrity check for the log file.
When this feature is configured, the information center uses the master key to recalculate a digest for the log file and then compares the digest with that saved in the log file. If the two digests are consistent, the log file passes the integrity check. If they do not match, the log file fails the integrity check.
About this task
When the information center saves a log message to the log file, it uses the device master key to calculate a digest for the log file and saves the digest in the log file. The digest is used to perform integrity check for the log file. You can use the default device master key or a master key configured by using the set master-key command. For more information about the master key, see public key management in Security Configuration Guide.
When this feature is configured, the information center uses the master key to recalculate a digest for the log file and then compares the digest with that saved in the log file. If the two digests are consistent, the log file passes the integrity check. If they do not match, the log file fails the integrity check.
Restrictions and guidelines
Currently, only standard system log files and security log files support integrity check, while diagnostic log files and trace log files do not support integrity check.
Procedure
To perform integrity check for a log file, execute the following command in user view:
check logfile file-path
For successful execution of this command, the file extension must be .log or .log.gz.
Display and maintenance commands for information center
Execute display commands in any view and reset commands in user view.
|
Task |
Command |
|
Display the character set encoding used on the device or the login terminal. |
display character-set [ terminal ] |
|
Display the information center configuration. |
display info-center |
|
Display information about log output filters. |
display info-center filter [ filtername ] |
|
Display the log output rules by source modules. |
display info-center source [ module module-name ] |
|
Display log buffer information and buffered logs. |
display logbuffer [ reverse ] [ level severity | size buffersize ] * [ last-mins mins ] |
|
Display the log buffer summary. |
display logbuffer summary [ level severity ] |
|
Clear the log buffer. |
reset logbuffer |
Information center configuration examples
Example: Outputting logs to the console
Network configuration
Configure the AP to output to the console APR logs that have a minimum severity level of warning.
Figure 2 Network diagram
Procedure
# Enable the information center.
<AP> system-view
[AP] info-center enable
# Disable log output to the console.
[AP] info-center source default console deny
To avoid output of unnecessary information, disable all modules from outputting logs to the specified destination (console in this example) before you configure the output rule.
# Configure an output rule to output to the console ARP logs that have a minimum severity level of warning.
[AP] info-center source arp console level warning
[AP] quit
# Enable log output to the console.
<AP> terminal logging level 6
<AP> terminal monitor
The current terminal is enabled to display logs.
Now, if the ARP module generates logs, the information center automatically sends the logs to the console, and the console displays the logs on the monitor terminal.
Example: Outputting logs to a UNIX log host
Network configuration
Configure the AP to output to the UNIX log host ARP logs that have a minimum severity level of informational.
Figure 3 Network diagram
Procedure
1. Make sure the AP and the log host can reach each other. (Details not shown.)
2. Configure the AP:
# Enable the information center.
<AP> system-view
[AP] info-center enable
# Specify log host 1.2.0.1/16 with local4 as the logging facility.
[AP] info-center loghost 1.2.0.1 facility local4
# Disable log output to the log host.
[AP] info-center source default loghost deny
To avoid output of unnecessary information, disable all modules from outputting logs to the specified destination (loghost in this example) before you configure an output rule.
# Configure an output rule to output to the log host ARP logs that have a minimum severity level of informational.
[AP] info-center source arp loghost level informational
3. Configure the log host:
The log host configuration procedure varies by the vendor of the UNIX operating system. The following shows an example:
a. Log in to the log host as a root user.
b. Create a subdirectory named AP in directory /var/log/, and then create file info.log in the AP directory to save logs from the AP.
# mkdir /var/log/AP
# touch /var/log/AP/info.log
c. Edit file syslog.conf in directory /etc/ and add the following contents:
# AP configuration messages
local4.info /var/log/AP/info.log
In this configuration, local4 is the name of the logging facility that the log host uses to receive logs. The value info indicates the informational severity level. The UNIX system records the log information that has a minimum severity level of informational to file /var/log/AP/info.log.
|
|
NOTE: Follow these guidelines while editing file /etc/syslog.conf: · Comments must be on a separate line and must begin with a pound sign (#). · No redundant spaces are allowed after the file name. · The logging facility name and the severity level specified in the /etc/syslog.conf file must be identical to those configured on the AP by using the info-center loghost and info-center source commands. Otherwise, the log information might not be output to the log host correctly. |
d. Display the process ID of syslogd, kill the syslogd process, and then restart syslogd by using the –r option to validate the configuration.
# ps -ae | grep syslogd
147
# kill -HUP 147
# syslogd -r &
Now, the AP can output ARP logs to the log host, which stores the logs to the specified file.
