Syslog Configuration
Overview
Syslog is a standard for logging program messages. It allows separation of the software that generates messages from the system that stores them and the software that reports and analyzes them. It also provides devices which would otherwise be unable to communicate, a means to notify administrators of problems or performance.
OcNOS supports logging messages to a syslog server in addition to logging to a file or the console (local or ssh/telnet console). OcNOS messages can be logged to a local syslog server (the machine on which OcNOS executes) as well as to one or more remote syslog servers (maximum of 8 remote syslog server is supported). Remote syslog servers can either be configured with IPv4/v6 addresses or host names.
Support for In-band management over Default VRF
OcNOS supports syslog over the default, management, and user defined VRFs via in-band management interface and OOB management interface, respectively.
By default, syslog runs on the management VRF.
Syslog Configuration with IPv4 Address
Logging is performed with IPv4 IP address and verified by logs on remote machine.
Topology
.
Syslog sample topology
Enabling rsyslog
#configure terminal | Enter configure mode. |
(config)#feature rsyslog [vrf management] | Enable feature on default or management VRF. By default this feature runs on the management VRF. |
(config)#commit | Commit the candidate configuration to the running configuration |
(config)#exit | Exit configure mode |
Logging to a File
The below configurations shows how to enable debug logs for a particular protocol. In this case, OSPF is shown.
#debug ospf all | This enables the debugging on OSPF. |
#configure terminal | Enter configure mode |
(config)#router ospf 1 | Enable OSPF process 1 |
(config-router)#exit | Exit router mode |
(config)#feature rsyslog | Enable feature on default or management VRF. By default this feature runs on the management VRF. |
(config)#logging level ospf 7 | This enable debug messages for OSPF module. This is configurable either if default of management VRF. |
(config)#logging logfile ospf1 7 | This creates the log file where the logs will be saved. The path of the file will be in the directory /log/ospf1. Log File size 4096-4194304 bytes. |
(config)#commit | Commit the candidate configuration to the running configuration |
(config)#exit | Exit configure mode |
To verify this, do some OSPF configuration and view the messages in the log file or with the show logging logfile command.
Validation
#show logging logfile
File logging : enabled File Name : /log/ospf1 Size : 419430400 Severity : (7)
2019 Jan 05 20:10:52.202 : OcNOS : OSPF : INFO : NSM Message Header
2019 Jan 05 20:10:52.202 : OcNOS : OSPF : INFO : VR ID: 0
2019 Jan 05 20:10:52.203 : OcNOS : OSPF : INFO : VRF ID: 0
2019 Jan 05 20:10:52.203 : OcNOS : OSPF : INFO : Message type: NSM_MSG_LINK_ADD
(5)
2019 Jan 05 20:10:52.203 : OcNOS : OSPF : INFO : Message length: 232
2019 Jan 05 20:10:52.203 : OcNOS : OSPF : INFO : Message ID: 0x00000000
2019 Jan 05 20:10:52.203 : OcNOS : OSPF : INFO : NSM Interface
2019 Jan 05 20:10:52.203 : OcNOS : OSPF : INFO : Interface index: 100001
2019 Jan 05 20:10:52.203 : OcNOS : OSPF : INFO : Name: po1
2019 Jan 05 20:10:52.204 : OcNOS : OSPF : INFO : Flags: 536875010
2019 Jan 05 20:10:52.204 : OcNOS : OSPF : INFO : Status: 0x00000804
2019 Jan 05 20:10:52.204 : OcNOS : OSPF : INFO : Metric: 1
2019 Jan 05 20:10:52.207 : OcNOS : OSPF : INFO : MTU: 1500
2019 Jan 05 20:10:52.207 : OcNOS : OSPF : INFO : Type: L3
2019 Jan 05 20:10:52.207 : OcNOS : OSPF : INFO : HW type: 9
2019 Jan 05 20:10:52.208 : OcNOS : OSPF : INFO : HW len: 6
2019 Jan 05 20:10:52.209 : OcNOS : OSPF : INFO : HW address: ecf4.bb5c.a2b0
2019 Jan 05 20:10:52.210 : OcNOS : OSPF : INFO : Bandwidth: 0.000000
2019 Jan 05 20:10:52.211 : OcNOS : OSPF : INFO : Interface lacp key flag 0
2019 Jan 05 20:10:52.212 : OcNOS : OSPF : INFO : Interface lacp aggregator upda
te flag 0
#show logging level
Facility Default Severity Current Session Severity
nsm 3 3
ripd 3 3
ospfd 3 7
ospf6d 3 3
isisd 3 3
hostpd 3 3
ldpd 2 2
rsvpd 2 2
mribd 2 2
pimd 2 2
authd 2 2
mstpd 2 2
imi 2 2
onmd 2 2
oamd 2 2
vlogd 2 2
vrrpd 2 2
ribd 2 2
bgpd 3 3
l2mribd 2 2
lagd 2 2
sflow 2 2
pservd 2 2
Logging to the Console
Note: For CMMD, Critical logs in the console are equivalent to Alert traps & Alert logs on the console is equivalent to critical trap in SNMP.
#configure terminal | Enter configure mode. |
(config)#logging level ospf 7 | This enable debug messages for OSFP module. |
(config)#logging console 7 | This enables the console logs. |
(config)#debug ospf | This enables the debugging on OSPF configurations. |
(config)#router ospf | Enabling ospf for process 1. |
(config-router)#exit | Exit router mode. |
(config)#commit | Commit the candidate configuration to the running configuration |
(config)#exit | Exit configure mode. |
To verify this, do some OSPF configuration and view the messages in the console.
Validation
#show logging console
Console logging : enabled Severity: (debugging)
#show logging level
Facility Default Severity Current Session Severity
nsm 3 3
ripd 3 3
ospfd 3 7
ospf6d 3 3
isisd 3 3
hostpd 3 3
ldpd 2 2
rsvpd 2 2
mribd 2 2
pimd 2 2
authd 2 2
mstpd 2 2
imi 2 2
onmd 2 2
oamd 2 2
vlogd 2 2
vrrpd 2 2
ribd 2 2
bgpd 3 3
l2mribd 2 2
lagd 2 2
sflow 2 2
pservd 2 2
Logging to Remote Server via User-Defined VRF
#configure terminal | Enter configure mode. |
(config)#ip vrf snmp-vrf | Create a user-defined VRF called snmp-vrf |
(config)#commit | Commit the candidate configuration to the running configuration |
(config)#logging level bgp 7 | This enable debug messages for BGP module. |
(config)#logging remote server 10.16.2.1 vrf management | Redirects the log messages to the server configured over the management VRF |
(config)#logging remote server 172.18.19.22 7 vrf snmp-vrf | Redirects the log messages to the server configured over the User defined VRF snmp-vrf |
(config)#debug bgp all | This enables the debugging on BGP configurations. |
(config)#router bgp 1 | Enabling BGP process 1. |
(config-router)#exit | Exit router mode. |
(config)#commit | Commit the candidate configuration to the running configuration |
(config)#exit | Exit configure mode. |
Validation
#show logging server
Remote Servers:
10.16.2.1
severity: (debugging)
facility: local7
VRF: management
172.18.19.22
severity: Operator (debug-detailed)
facility: local7
authpriv: Enabled
VRF : snmp-vrf
#show logging level
Facility Default Severity Current Session Severity
nsm 3 3
ripd 3 3
ospfd 3 3
ospf6d 3 3
isisd 3 3
hostpd 3 3
ldpd 2 2
rsvpd 2 2
mribd 2 2
pimd 2 2
authd 2 2
mstpd 2 2
imi 2 2
onmd 2 2
oamd 2 2
vlogd 2 2
vrrpd 2 2
ribd 2 2
bgpd 3 7
l2mribd 2 2
lagd 2 2
sflow 2 2
pservd 2 2
Logging to Remote Server over Default VRF
#configure terminal | Enter configure mode. |
(config)#logging level bgp 7 | This enable debug messages for BGP module. |
(config)#logging remote server 10.16.2.1 vrf management | Redirects the log messages to the server configured. |
(config)#debug bgp all | This enables the debugging on BGP configurations. |
(config)#router bgp 1 | Enabling BGP process 1. |
(config-router)#exit | Exit router mode. |
(config)#commit | Commit the candidate configuration to the running configuration |
(config)#exit | Exit configure mode. |
Validation
#show logging server
Remote Servers:
10.16.2.1
severity: (debugging)
facility: local7
VRF: management
#show logging level
Facility Default Severity Current Session Severity
nsm 3 3
ripd 3 3
ospfd 3 3
ospf6d 3 3
isisd 3 3
hostpd 3 3
ldpd 2 2
rsvpd 2 2
mribd 2 2
pimd 2 2
authd 2 2
mstpd 2 2
imi 2 2
onmd 2 2
oamd 2 2
vlogd 2 2
vrrpd 2 2
ribd 2 2
bgpd 3 7
l2mribd 2 2
lagd 2 2
sflow 2 2
pservd 2 2
Syslog Configuration with IPv6 Address
Logging is performed with IPv6 IP and verified by logs on remote PC (Logging server).
Topology
Figure 1-25 shows the sample configuration of Syslog.
Syslog Configuration topology
Enabling rsyslog
#configure terminal | Enter configure mode |
(config)#feature rsyslog [vrf management] | Enable feature on default or management VRF. By default this feature runs on the management VRF. |
(config)#commit | Commit the candidate configuration to the running configuration |
(config)#exit | Exit configure mode |
Logging to a File
The below configurations shows how to enable debug logs for a particular protocol. In this case, OSPF is shown.
#debug ospf all | This enables the debugging on OSPF |
#configure terminal | Enter configure mode |
(config)#router ospf 1 | Enable OSPF process 1 |
(config-router)#exit | Exit router mode |
(config)#feature rsyslog | Enable feature on default or management VRF. By default this feature runs on the management VRF. |
(config)#logging level ospf 7 | This enable debug messages for OSPF module. This is configurable either if de-fault of management VRF. |
(config)#logging logfile ospf1 7 | This creates the log file where the logs will be saved. The path of the file will be in the directory /log/ospf1. Log File size 4096- 4194304 bytes |
(config)#commit | Commit the candidate configuration to the running configuration |
(config)#exit | Exit configure mode |
Logging to Remote Server
#configure terminal | Enter configure mode. |
(config)#logging level bgp 7 | This enable debug messages for BGP module |
(config)#logging remote server 10.16.2.1 vrf management | Redirects the log messages to the server configured. |
(config)#debug bgp all | This enables the debugging on BGP con-figurations. |
(config)#router bgp 1 | Enabling BGP process 1. |
(config-router)#exit | Exit router mode. |
(config)#commit | Commit the candidate configuration to the running configuration |
(config)#exit | Exit configure mode. |
Validation
#show logging server
Remote Servers:
2001::1
severity: (debugging)
facility: local7
VRF: management
Logging to Remote Server over User-defined VRF
#configure terminal | Enter configure mode. |
(config)#ip vrf VRF1 | Create a user-defined vrf called VRF1 |
(config)#commit | Commit the candidate configuration to the running configuration |
(config)#logging level bgp 7 | This enable debug messages for BGP module |
(config)# logging remote server 1001:db8:0:1::1 7 vrf VRF1 | Redirects the log messages to the server configured over User Defined VRF |
(config)#debug bgp all | This enables the debugging on BGP con-figurations. |
(config)#router bgp 1 | Enabling BGP process 1. |
(config-router)#exit | Exit router mode. |
(config)#commit | Commit the candidate configuration to the running configuration |
(config)#exit | Exit configure mode. |
Validation
#show logging server
Remote Servers:
1001:db8:0:1::1
severity: Operator(debug-detailed)
facility: local7
authpriv: Enabled
VRF : VRF1