Cisco CallManager Serviceability Administration Guide, Release 3.1(1)
System Log Management

Table Of Contents

System Log Management

System Log Management Process

CiscoWorks2000

Cisco Syslog Analyzer Collector

Cisco Syslog Analyzer

Configure Cisco CallManager Syslog Components

Direct Syslog Messages

Direct Messages to Local Syslog Analyzer Collector

Direct Messages to CiscoWorks2000 Server

Enable the SNMP Agent


System Log Management


This chapter provides a description and overview of system log management and contains the following topics:

System Log Management Process

Configure Cisco CallManager Syslog Components

CiscoWorks2000 serves as the network management system (NMS) of choice for all Cisco devices as well as the Cisco CallManager system. It is not bundled with Cisco CallManager and you must purchase it separately. Use the following tools with CiscoWorks2000 for remote serviceability:

System Log

Path Analysis (see "The Path Analysis Interface")

Cisco Discovery Protocol (see Chapter 14, "Cisco Discovery Protocol Support")

Simple Network Management Protocol (see Chapter 13, "SNMP Instrumentation")

In an open distributed system, multiple applications generally run on several machines of different types. Cisco Syslog Analysis streamlines the management of such systems by providing a common administrative interface for all log messages received from the applications.

The result provides an orderly presentation of information that assists in the diagnosis and troubleshooting of system problems.

System Log Management Process

Although it can be adapted to other network management systems, Cisco Syslog Analysis, which is packaged with CiscoWorks2000 Resource Manager Essentials, provides the best method to manage Syslog messages from Cisco devices.

Cisco Syslog Analyzer serves as the component of Cisco Syslog Analysis that provides common storage and analysis of the system log for multiple applications. The other major component, Syslog Analyzer Collector, gathers log messages from Cisco CallManager servers.

These two Cisco applications work together to provide a centralized system logging service for Cisco IP Telephony Solutions.

A diagram of the system (Figure 12-1) shows how the Syslog Analyzer and Syslog Collector function within the syslog analysis process.

Figure 12-1 Functional Components of the System Logging Service

CiscoWorks2000

Using CiscoWorks2000, you can configure and produce reports on the log messages collected from each Cisco CallManager device and other IP telephony devices.

CiscoWorks2000 provides a common system log for applications in the multihost and multiplatform Cisco IP Telephony Solutions environment. With help from SNMP, CiscoWorks2000 can also provide additional information on each device from which the log messages originate.

Adding a device to the CiscoWorks2000 device inventory database creates a new entry. Once the device is added to the list, CiscoWorks2000 gathers some device information using SNMP. You can easily read and use this information for system maintenance and problem-solving.

Cisco Syslog Analyzer Collector

Syslog Analyzer Collector collects log messages from a Cisco CallManager server, or a cluster of servers, at any network installation (as shown in Figure 12-1). The service collects a wide range of significant event messages that reflect system status.

After validating the events or error messages collected, Syslog Analyzer Collector passes them to the Syslog Analyzer. When this process is complete, you can use Syslog Analyzer to analyze the log messages.

You can stop and start the Syslog Analyzer Collector service from the Windows 2000 Service Control Manager.

Cisco Syslog Analyzer

Cisco Syslog Analyzer, which resides on a CiscoWorks2000 server, receives the messages collected from multiple applications by the Syslog Analyzer Collector.

When a collection of data is received, the Cisco Syslog Analyzer parses it and stores the results in the CiscoWorks2000 database. Use the Syslog Analyzer interface to access and manage the data that is collected from the managed devices.

Configure Cisco CallManager Syslog Components

The following sections describe how to configure Cisco CallManager alarms to direct Syslog messages and to enable the SNMP extension agent.

Direct Syslog Messages

Cisco CallManager applications can be configured to send Syslog messages directly to the CiscoWorks2000 server or to a local host on which the Remote Syslog Analyzer Collector (RSAC) software is installed.

Refer to the CiscoWorks2000 installation procedures for the Resource Manager Essentials at the following Internet address: http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/cw2000/index.htm

Refer to the CiscoWorks2000 online documentation for information about the Remote Syslog Analyzer Collector.

The Cisco CallManager Serviceability interface directs the syslog output and initiates the logging activity. See Chapter 2, "Alarms," for more information.

Direct Messages to Local Syslog Analyzer Collector

Perform the following procedure to direct Syslog messages to a local host.


Step 1 Choose Application > Cisco CallManager Serviceability from the Cisco CallManager Administration window.

The Cisco CallManager Serviceability window displays.

Step 2 Choose Alarm > Configuration.

Step 3 Choose the server from the Servers column.

The server you chose appears in the Select a Server column, and a box with configurable services displays.

Step 4 From the Configured Services list, choose the service for which you want to configure the alarm.

The service you chose displays after the Current Service title, along with the current server you chose. A list of alarm monitors with the event levels displays in the Alarm Configuration window.

Step 5 Check the Enable Alarm for Syslog check box.

Step 6 Click the Down arrow in the Alarm Event Level selection box.

A list with eight event levels displays.

Step 7 Click the desired alarm event level.

Step 8 Leave the Server Name box blank to send Syslog messages to a local host.

Step 9 Click the Update button to save your configuration.


Direct Messages to CiscoWorks2000 Server

Perform the following procedure to send Syslog messages directly to the CiscoWorks2000 server.


Step 1 Choose Application > Cisco CallManager Serviceability from the Cisco CallManager Administration window.

The Cisco CallManager Serviceability window displays.

Step 2 Choose Alarm > Configuration.

Step 3 Choose the server from the Servers column.

The server you chose appears in the Select a Server column, and a box with configurable services displays.

Step 4 From the Configured Services list, choose the service for which you want to configure the alarm.

The service you chose displays after the Current Service title, along with the current server you chose. A list of alarm monitors with the event levels displays in the Alarm Configuration window.

Step 5 Check the Enable Alarm for Syslog check box.

Step 6 Click the Down arrow in the Alarm Event Level selection box.

A list with eight event levels displays.

Step 7 Click the desired alarm event level.

Step 8 Enter the CiscoWorks2000 server name in the Server Name box.

Step 9 Click the Update button to save your configuration.
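After saving the configuration, you can check what actually arrives at the receiving host. The following is an added example, not part of the Cisco guide or of any Cisco software. It assumes the messages carry a standard BSD syslog `<PRI>` header, that the eight alarm event levels match the standard syslog severities, and that the configured level acts as a threshold (that level and anything more severe is sent). The host name and message text in the sample lines are constructed.

```python
import re

# Standard syslog severities, most severe first. Assumed to correspond to
# the eight entries in the Alarm Event Level selection box.
SEVERITIES = ["Emergency", "Alert", "Critical", "Error",
              "Warning", "Notice", "Informational", "Debug"]

PRI_RE = re.compile(r"^<(\d{1,3})>(.*)$", re.DOTALL)


def parse_pri(line):
    """Return (facility, severity_name, rest), or None if the PRI header is invalid."""
    m = PRI_RE.match(line)
    if not m:
        return None
    pri = int(m.group(1))
    if pri > 191:  # 23 * 8 + 7 is the largest legal priority value
        return None
    return pri >> 3, SEVERITIES[pri & 7], m.group(2)


def audit(lines, configured_level):
    """Sort received lines into expected, unexpected (less severe than the
    configured alarm event level) and malformed (no usable PRI header)."""
    threshold = SEVERITIES.index(configured_level)
    report = {"expected": [], "unexpected": [], "malformed": []}
    for line in lines:
        parsed = parse_pri(line)
        if parsed is None:
            report["malformed"].append(line)
            continue
        facility, severity, rest = parsed
        ok = SEVERITIES.index(severity) <= threshold
        report["expected" if ok else "unexpected"].append((facility, severity, rest))
    return report


# Constructed sample input; not captured from a real Cisco CallManager server.
SAMPLE = [
    "<187>Jan 12 10:01:02 ccm-pub-01 Cisco CallManager: constructed error text",
    "<190>Jan 12 10:01:05 ccm-pub-01 Cisco CallManager: constructed info text",
    "<999>Jan 12 10:01:09 ccm-pub-01 out-of-range priority",
    "Jan 12 10:01:11 ccm-pub-01 no priority header",
]

if __name__ == "__main__":
    for bucket, items in audit(SAMPLE, "Warning").items():
        print(bucket, len(items))
```

Lines in the "unexpected" bucket suggest the alarm event level saved in Step 7 is not the one in effect, or that another sender is writing to the same collector; malformed lines are worth reviewing because plain syslog does not authenticate its source.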


Enable the SNMP Agent

Because CiscoWorks2000 sends SNMP requests to query for device information, you must enable the Microsoft Windows 2000 SNMP service at the time that Cisco CallManager is installed.

Adding a system adds device databases to the CiscoWorks device list, and SNMP requests are used to retrieve that information. See Chapter 13, "SNMP Instrumentation," for more information.