|
|
This chapter describes how messages from the Catalyst 6000 family switch are formatted and how you can enable the System Message Log feature to send messages to the switch internal buffer and system console for display (and optionally, to a logging server on another system). Not all messages indicate problems; some messages are purely informational, while others help diagnose problems with communications lines, internal hardware, or the system software.
Messages are listed by the facility (hardware device, protocol, or a module or system software) that produces the messages. Within each facility, messages are listed by the severity level, from highest to lowest. Each message is followed by an explanation and a recommended action. Messages appear only when the system remains operational.
This chapter contains the following sections:
Messages are structured as follows:
facility-severity-MNEMONIC:descriptionMessages from the System Message Log are structured the same, but include this date/time stamp at the beginning of the message:
mm/dd/yyy:hh/mm/ss:facility-severity-MNEMONIC:descriptionwhere
mm/dd/yyy:hh/mm/ssis the date and time of the error/event.
Both message types contain this information:
facility code consists of two or more uppercase letters that indicate the reference facility to which the message refers. A facility can be a hardware device, a protocol, or a module within the system software. See Table 1-1.
| Code | Facility |
|---|---|
acl | Access Control Lists |
cdp | Cisco Discovery Protocol |
dtp | Dynamic Trunking Protocol |
earl | Enhanced Address Recognition Logic |
filesys | Flash File System |
gvrp | GARP VLAN Registration Protocol Messages |
ip | Internet Protocol |
kernel | Kernel |
mcast | Multicast messages |
mgmt | Management messages |
pagp | Port Aggregation Protocol |
protfilt | Protocol Filtering |
pruning | VLAN Trunking Protocol Pruning |
qos | |
security | Port Security |
snmp | Simple Network Management Protocol |
spantree | Spanning-Tree Protocol |
sys | System |
tac | Terminal Access Controller Access Control System |
udld | |
vtp | VLAN Trunking Protocol |
| Severity Level | Description |
|---|---|
0 - emergency | System is unusable |
1 - alert | Immediate action required |
2 - critical | Critical condition |
3 - error | Error condition |
4 - warning | Warning condition |
5 - notification | Normal but significant condition |
6 - informational | Informational message only |
7 - debugging | Message that appears during debugging only |
description level text string describes the condition. Sometimes it contains detailed information about the event, including terminal port numbers, network addresses, or addresses that correspond to locations in the system memory address space. Because these variable fields can change from message to message, they are represented by short strings in square brackets ([ ]). A decimal number, for example, is represented as [dec]. See Table 1-3.
| Representation | Type of Information |
|---|---|
[hex] |
The following is a sample system message; an explanation of the message follows (see Table 1-3):
06/17/1999,18:31:15:SYS-5-MOD_INSERT:Module 5 has been inserted
where
06/17/1999,18:31:15 is the date and time of the error (this appears if set for system log messaging).
SYS is the facility type.
5 is the severity level, indicating that it is a normal but significant condition.
MOD_INSERT is the mnemonic code that uniquely identifies the message.
Module 5 has been inserted is the message text.
The System Message Log (syslog) software can save system messages in a log file or direct the messages to other devices. The system message logging facility has these features:
By default the switch logs normal but significant system messages to its internal buffer and sends these messages to the system console. You can specify which system messages should be saved based on the type of facility and the severity level. Messages can be time-stamped to enhance real-time debugging and management.
You can access logged system messages using the switch CLI or by saving them to a properly configured syslog server. The switch software saves syslog messages in an internal buffer. You can also save messages on UNIX servers that are configured properly. The syslog software reads the messages from the buffer and sends them to the specified destination.
With syslog, you can access system messages by logging in to the console through Telnet. This allows you to monitor system messages remotely from any workstation that supports the Telnet protocol.
This section describes the configurable options for the System Message Log.
The switches ship with the default configuration as shown in Table 1-4.
| Configuration Parameters | Default Setting |
|---|---|
System message logging to the console | Enabled |
System message logging to Telnet sessions | Enabled |
Logging server | Disabled |
Syslog server IP address | None configured |
Server facility | LOCAL7 |
Server severity | Warnings (4) |
Logging buffer size | 500 |
Logging history size | 1 |
Timestamp option | Disabled |
Facility/severity level for system messages | sys/5 |
When you first log on to the switch console, enter the show logging command to display the default configuration.
To change the default system message logging facility and severity levels, perform one of these tasks in privileged mode:
| Task | Command |
|---|---|
| set logging level facility severity [default] |
| set logging console disable |
This example shows how to change the default system message logging facility and severity levels for the Cisco Discovery Protocol (CDP) to severity level 3:
Console> (enable) set logging level cdp 3 System logging facility <cdp> for this session set to severity 3(errors) Console> (enable)
This example shows how to disable system message logging to the console:
Console> (enable) set logging console disable System logging messages will not be sent to the console. Console> (enable)
Before you can send system log messages to a UNIX syslog server, you must configure the syslog daemon on the UNIX server. To configure the syslog daemon, log in as root and perform these steps:
Step 1 Add a line such as the following in the file /etc/syslog.conf:
user.debug /var/log/myfile.log
The switch sends messages according to specified facility types and severity levels. The user keyword specifies the UNIX logging facility. The messages from the switch are generated by user processes. The debug keyword specifies the severity level of the condition being logged. You can set UNIX systems to receive all messages from the switch.
Step 2 Create the log file by entering these commands at the UNIX shell prompt:
$ touch /var/log/myfile.log
$ chmod 666 /var/log/myfile.log
Step 3 Make sure the syslog daemon reads the new changes by entering this command:
$ kill -HUP \Qcat /etc/syslog.pid
Before you can send system log messages to a UNIX syslog server, you must configure the syslog daemon on the UNIX server, as described in the section "Configuring the syslog Daemon on UNIX syslog Servers" section. To configure the switch to log messages to a syslog server, perform this task in privileged mode:
| Task | Command |
|---|---|
set logging server ip_addr | |
Step 2 Enable system message logging to configured syslog servers. | set logging server enable |
Step 3 Set the facility and severity level for syslog server messages. | set logging server facility server_facility_parameter set logging server severity server_severity_level |
| 1You can configure a maximum of three syslog servers at any time. |
This example shows how to add a new syslog server with an IP address of 171.69.192.205 to the system logging server table:
Console> (enable) set logging server 171.69.192.205171.69.192.205 added to the System logging server table.Console> (enable)
This example shows how to enable system message logging to a configured syslog server:
Console> (enable) set logging server enableSystem logging messages will be sent to the configured syslog servers.Console> (enable)
This example shows how to set the syslog server facility to local0:
Console> (enable) set logging server facility local0 System logging server facility set to <local0> Console> (enable)
This example shows how to set the syslog server severity level to 4:
Console> (enable) set logging server severity 4 System logging server severity set to <4> Console> (enable)
To remove a syslog server from the configuration, perform this task in privileged mode:
| Task | Command |
|---|---|
Delete a syslog server from the configuration. | clear logging server ip_addr |
This example shows how to delete the syslog server 171.69.192.207 from the configuration:
Console> (enable) clear logging server 171.69.192.207 System log server 171.69.192.207 removed from system log server table. Console> (enable)
To disable logging to the syslog server, perform this task in privileged mode:
| Task | Command |
|---|---|
Disable system message logging to configured syslog servers. |
This example shows how to disable system message logging to a configured syslog server:
Console> (enable) set logging server disableSystem logging messages will not be sent to the configured syslog servers.Console> (enable)
To limit the number of messages buffered, perform this task in privileged mode:
| Task | Command |
|---|---|
This example shows how to limit to 200 the number of messages stored in the buffer:
Console> (enable) set logging buffer 200 System logging buffer size set to <200> Console> (enable)
To enable or disable the system logging messages timestamp, perform this task in privileged mode:
| Task | Command |
|---|---|
Enable or disable the timestamp display on system logging messages. | set logging timestamp {enable | disable} |
This example shows how to enable the timestamp display on system logging messages:
Console> (enable) set logging timestamp enable System logging messages timestamp will be enabled. Console> (enable)
By default, system messages are sent to Telnet sessions based on the default facility and severity values.
To configure the logging settings for Telnet sessions, perform one of these tasks in privileged mode:
| Task | Command |
|---|---|
| set logging level facility severity |
| set logging session disable |
| set logging console disable |
| set logging session enable |
| set logging console enable |
This example shows how to change the facility and severity values for Telnet login sessions:
Console> (enable) set logging level cdp 3 System logging facility <cdp> for this session set to severity 3(errors) Console> (enable)
This example shows how to disable system message logging to the current Telnet session:
Console> (enable) set logging session disable System logging messages will not be sent to the current login session. Console> (enable)
This example shows how to disable system message logging to the console session:
Console> (enable) set logging console disable System logging messages will not be sent to the console. Console> (enable)
This example shows how to reenable system message logging to the current Telnet session:
Console> (enable) set logging session enable System logging messages will be sent to the current login session. Console> (enable)
This example shows how to reenable system message logging to the console session:
Console> (enable) set logging console enable System logging messages will be sent to the console. Console> (enable)
To display the current configuration for system messages, perform this task in privileged mode:
| Task | Command |
|---|---|
Display the current system message log configuration. | show logging |
This example shows the results of a show logging command:
Console> (enable)show loggingLogging buffer size: 500timestamp option: enabledLogging history size: 1Logging console: enabledLogging server: disabledserver facility: LOCAL7server severity: warnings(4)Facility Default Severity Current Session Severity------------- ----------------------- ------------------------cdp 4 4drip 2 2dtp 5 5dvlan 2 2earl 2 2fddi 2 2filesys 2 2gvrp 2 2ip 2 2kernel 2 2mcast 2 2mgmt 5 5mls 5 5pagp 5 5protfilt 2 2pruning 2 2security 2 2snmp 2 2spantree 2 2sys 5 5tac 2 2tcp 2 2telnet 2 2tftp 2 2udld 4 4vmps 2 2vtp 2 20(emergencies) 1(alerts) 2(critical)3(errors) 4(warnings) 5(notifications)6(information) 7(debugging)Console>
To verify the system message log configuration, enter the show logging command. If you are verifying the system message log configuration for the console and the syslog server is disabled, the first five lines of output look as follows:
Console> (enable)show logging Logging buffer size:400 timestamp:enabled Logging history size:1Logging console:enabledLogging server:disabled
Console> (enable)show logging
Logging buffer size:400 timestamp:enabled Logging history size:1Logging console:enabled
Logging server:disabled
Current Logging Session:enabled
| Task | Command |
|---|---|
Display the first N messages in the buffer. | show logging buffer N |
This example shows how to display the first five messages from the internal buffer:
Console> (enable) show logging buffer 5 %PRUNING-4-NOTRUNK:trunk 100 not found(domain Lab_Network) %PRUNING-4-NOTRUNK:trunk 100 not found(domain Lab_Network) %MLS-5-ROUTERDEL:Route Processor 172.20.52.6 deleted - router excluded from include list %SYS-5-RTE_DEFGATEFROM:Default Gateway switching from 172.20.52.121 %SYS-5-RTE_DEFGATETO:Default Gateway switching to 172.20.52.125 Console> (enable)
| Task | Command |
|---|---|
Display the last N messages in the buffer. | show logging buffer [-] [N] |
This example shows how to display the last five messages from the internal buffer:
Console> (enable) show logging buffer -5 %CDP-4-DUPLEXMISMATCH:Full/half duplex mismatch detected on port 10/1 %DTP-5-TRUNKPORTON:Port 10/1 has become dot1q trunk %PAGP-5-PORTTOSTP:Port 10/1 joined bridge port 10/1 %SPANTREE-2-RX_1QPVIDERR: Rcved pvid_inc BPDU on 1Q port 10/1 vlan 1. %SPANTREE-2-TX_BLKPORTPVID: Block 10/1 on xmtting vlan 522 for inc peer vlan. Console> (enable)
Posted: Tue Sep 28 13:48:21 PDT 1999
Copyright 1989-1999©Cisco Systems Inc.