Logging 101

1. Configuring Logging

Logging messages generated by the router are sent to the logging process. It controls the distribution of the messages to various destinations. If the logging process is off, then only the console receives log messages. To enable logging, use:

R(config)# logging on

Without this command only the console will receive logs.

1.1 Logging Destination

R(config)# logging buffered [SIZE]
! Logs messages to an internal buffer.
R(config)# logging HOST-IP [LEVEL]
! Logs messages to a syslog server host.
R(config)# logging trap LEVEL
! Must be enabled in order to log messages to Syslog Host
R(config)# logging file FILENAME [MAX-SIZE [MIN-SIZE]] [LEVEL]
! Logs messages to a file
R(config)# logging console
! Logs messages to con0 output
R(config)# logging monitor
! Logs messages to vty output

By default, debug information only appears on the console terminal. To show them on the current terminal, use:

Router# terminal monitor

By default, unsolicited debug information will interrupt solicited display information. Using synchronous logging, unsolicited debug information will only be displayed after the solicited information is displayed.

R(config-line)# logging synchronous [level LEVEL | all] [limit BUFFERS]

1.2 Timestamps and Line Numbers

By default, log messages are not time-stamped, but tou can set timestamping using:

R(config)# service timestamps log { uptime |  datetime [msec] [localtime] [show-timezone]}
! uptime – time since last reboot
! datetime - Current Datetime in UTC
! localtime – Shows the time in the configured timezone
! msec – adds milisec to the timestamp
! show-timezone – adds timezone to the time

Separate settings can be configure for debug messages:

R(config)# service timestamps log { uptime |  datetime [msec] [localtime] [show-timezone]}

You can also enable the services for adding sequence numbers to the log:

R(config)# service sequence-numbers

1.3 Error message level

R(config)# logging {console|monitor|trap} LEVEL
Level Keyword Description Syslog
0 Emergencies System unusable LOG_EMERG
1 Alerts Immediate action needed LOG_ALERT
2 Critical Critical conditions LOG_CRIT
3 Errors Error conditions LOG_ERR
4 Warnings Warning conditions LOG_WARNING
5 Notifications Normal but significant conditions LOG_NOTICE
6 Informational Informational messages LOG_INFO
7 Debugging Debugging messages LOG_DEBUG

1.4 Additional settings

! Add an origin Identifier:
R(config)# logging origin-id {hostname|ip|ipv6|string STRING}
! Rate limit log messages per second:
R(config)# logging rate-limit [all|console] MESSAGES-PER-SEC [except LEVEL]
! Set the source of syslog messages:
R(config)# logging source-interface INTERFACE
! Log user information when a user uses the enable command:
R(config)# logging userinfo

2. Logging configuration changes

R(config)# archive
R(config-archive)# log config
R(config-archive-log-cfg)# logging enable
R(config-archive-log-cfg)# logging size SIZE
R(config-archive-log-cfg)# hidekeys
! Suppresses the display of passwords
R(config-archive-log-cfg)# notify syslog
! Enables sending of configuration changes to a syslog server

3. Monitoring Logs

To see the buffered logs, use:

R# show logging [count|history]

To see the archive logs, use:

R# show archive log config [all|user USER]

Leave a Reply

Your email address will not be published. Required fields are marked *