- Preface
- Using the WAAS Command-Line Interface
- Cisco WAAS Software Command Summary
- CLI Commands
- EXEC Mode Commands
- Global Configuration Mode Commands
- Interface Configuration Mode Commands
- Standard ACL Configuration Mode Commands
- Extended ACL Configuration Mode Commands
- Preposition Configuration Mode Commands
- PKI Certification Authority Configuration Mode Commands
- PKI Global Settings Configuration Mode Commands
- SSL Accelerated Service Configuration Mode Commands
- SSL Cipher List Configuration Mode Commands
- SSL Global Service Configuration Mode Commands
- SSL Host Peering Service Configuration Mode Commands
- SSL Management Service Configuration Mode Commands
- WCCP Configuration Mode Commands
- Service Context Configuration Mode Commands
- Service Node Group Configuration Mode Commands
- Service Node Configuration Mode Commands
- Service Context Configuration Mode Commands
- Class Map Configuration Mode Commands
- Policy Map Configuration Mode Commands
- Policy Map Class Configuration Mode Commands
- Acronyms and Abbreviations
- Command Summary by Mode
- cd
- clear arp-cache
- clear bmc
- clear cache
- clear cache http-object-cache invalidate
- clear cdp
- clear connection
- clear dre
- clear ip
- clear ip v6
- clear license
- clear logging
- clear object-cache
- clear service-policy
- clear statistics
- clear statistics accelerator
- clear statistics accelerator http object-cache
- clear statistics connection
- clear statistics monitor appnav-controller traffic
- clear statistics vn-service vpath
- clear transaction-log
- clear users
- clear windows-domain
- clear windows-domain-log
- clock
- cms
- cms secure-store
- configure
- copy disk
- copy ftp
- copy http
- copy monitoring-log
- copy running-config
- copy scp
- copy secure-http
- copy startup-config
- copy sysreport
- copy system-status
- copy tech-support
- copy tftp
- cpfile
- crypto delete
- crypto export
- crypto generate
- crypto import
- crypto pki
- debug aaa accounting
- debug aaa authorization
- debug accelerator
- debug accelerator http object-cache
- debug accelerator mapi rpchttp -layer
- debug all
- debug appnav-controller connection
- debug appnav-controller drop capture
- debug authentication
- debug auto-discovery
- debug buf
- debug cdp
- debug cli
- debug cmm
- debug cms
- debug connection
- debug controllers
- debug dataserver
- debug dhcp
- debug dre
- debug egress-method
- debug encryption-service
- debug fda
- debug fdm
- debug filtering
- debug flow
- debug generic-gre
- debug hw-raid
- debug imd
- debug inline
- debug key-manager
- debug logging
- debug monapi
- debug nplogd
- debug ntp
- debug object-cache database
- debug object-cache existence-cache
- debug object-cache load-monitor
- debug punt
- debug rbcp
- debug rmd
- debug rpc
- debug service-insertion
- debug service-policy
- debug snmp
- debug standby
- debug statistics
- debug synq
- debug tfo
- debug translog
- debug wafs
- debug wccp
- delfile
- deltree
- dir
- disable
- disk
- dnslookup
- enable
- exit
- find-pattern
- help
- install
- less
- license add
- lls
- ls
- lsusb
- mkdir
- mkfile
- monitor appnav-controller traffic
- ntpdate
- packet-capture
- ping
- ping6
- pwd
- reload
- rename
- restore
- rmdir
- scp
- script
- setup
- show aaa accounting
- show aaa authorization
- show accelerator
- show accelerator http object-cache
- show alarms
- show appnav-controller flow-distribution
- show arp
- show authentication
- show auto-discovery
- show auto-register
- show banner
- show bmc
- show bridge
- show cache http-metadatacache
- show cache object-cache
- show cdp
- show class-map
- show clock
- show cms
- show cms secure-store
- show crypto
- show debugging
- show device-id
- show device-mode
- show disks
- show dre
- show filtering list
- show flash
- show flow record
- show hardware
- show hosts
- show inetd
- show interception-method
- show interface
- show inventory
- show ip access-list
- show ip routes
- show ipv6
- show kdump
- show kerberos
- show key-manager
- show license
- show logging
- show memory
- show monitor
- show ntp
- show peer optimization
- show policy-map
- show policy-sub-class
- show processes
- show radius-server
- show reload
- show running-config
- show service-insertion
- show service-policy
- show services
- show smb-conf
- show snmp
- show ssh
- show startup-config
- show statistics accelerator
- show statistics accelerator http object-cache
- show statistics accelerator http preposition
- show statistics aoim
- show statistics application
- show statistics appnav-controller
- show statistics authentication
- show statistics auto-discovery
- show statistics class-default
- show statistics class-map
- show statistics connection
- show statistics connection auto-discovery
- show statistics connection closed
- show statistics connection conn-id
- show statistics connection egress-methods
- show statistics connection optimized
- show statistics connection pass-through
- show statistics crypto ssl ciphers
- show statistics datamover
- show statistics dre
- show statistics encryption-services
- show statistics filtering
- show statistics flow
- show statistics generic-gre
- show statistics icmp
- show statistics icmp6
- show statistics ip
- show statistics ipv6
- show statistics monitor appnav-controller traffic
- show statistics netstat
- show statistics pass-through
- show statistics peer
- show statistics policy-sub-class
- show statistics punt
- show statistics radius
- show statistics service-insertion
- show statistics services
- show statistics sessions
- show statistics snmp
- show statistics synq
- show statistics system cpu
- show statistics tacacs
- show statistics tcp
- show statistics tfo
- show statistics udp
- show statistics vn-service vpath
- show statistics wccp
- show statistics windows-domain
- show synq list
- show sysfs volumes
- show tacacs
- show tcp
- show tech-support
- show telnet
- show tfo tcp
- show transaction-logging
- show user
- show users administrative
- show version
- show wccp
- show windows-domain
- show windows-domain encrypted services
- shutdown
- ssh
- tcpdump
- telnet
- terminal
- test
- tethereal
- top
- traceroute
- traceroute6
- transaction-log
- type
- type-tail
- vm
- waas-tcptrace
- whoami
- windows-domain
- write
- zzdebugshell
EXEC Mode Commands
Use the EXEC mode for setting, viewing, and testing system operations. In general, the user EXEC commands allow you to connect to remote devices, change terminal line settings on a temporary basis, perform basic tests, and list system information.
The EXEC mode is divided into two access levels: user and privileged.
The user EXEC mode is used by local and general system administrators, while the privileged EXEC mode is used by the root administrator. Use the enable and disable commands to switch between the two levels. Access to the user-level EXEC command line requires a valid password.
The user-level EXEC commands are a subset of the privileged-level EXEC commands. The user-level EXEC prompt is the hostname followed by a right angle bracket (>). The prompt for the privileged-level EXEC command line is the pound sign (#). To execute an EXEC command, enter the command at the EXEC system prompt and press the Return key.
Note You can change the hostname using the hostname global configuration command.
The following example shows how to access the privileged-level EXEC command line from the user level:
To leave EXEC mode, use the exit command at the system prompt:
cd
To change from one directory to another directory in the WAAS software, use the cd EXEC command.
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Use this command to navigate between directories and for file management. The directory name becomes the default prefix for all relative paths. Relative paths do not begin with a slash (/). Absolute paths begin with a slash (/).
Examples
The following example shows how to change to a directory using a relative path:
The following example shows how to change to a directory using an absolute path:
Related Commands
clear arp-cache
To clear the ARP cache, use the clear arp-cache EXEC command.
clear arp-cache [ ipaddress | interface { GigabitEthernet slot/port | PortChannel index | Standby grpNumber | TenGigabitEthernet slot/port | InlinePort slot/grpnumber {lan | wan} }]
Syntax Description
(Optional) Clears all ARP entries on the designated interface. |
|
Clears the inline port interface (slot/group). Specify lan for the LAN interface or wan for the WAN interface. |
Defaults
No default behavior or values.
Note that on ISR-WAAS, the default-gateway (ISR host's interface address) cannot be cleared from ARP cache.
Command Modes
Device Modes
Examples
The following example shows how to clear the ARP cache on the WAAS device:
Related Commands
clear bmc
To clear the BMC logs and events, use the clear bmc EXEC command.
Syntax Description
Defaults
Command Modes
Device Modes
Examples
The following example shows how to clear the entries recorded in the BMC system event log on the WAAS device:
Related Commands
clear cache
To clear cached objects, use the clear cache EXEC command.
clear cache http-metadatacache https {conditional-response | redirect-response | unauthorized-response }
clear cache http-metadatacache { all | conditional-response | redirect-response | unauthorized-response} [ url ]
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
After you use the clear cache dre command, the first 1 MB of data is not optimized. The Cisco WAAS software does not optimize the first 1 MB of data after a restart of the tcpproxy service. The data that is transmitted after the first 1 MB of data will be optimized according to the configured policy.
The clear cache dre command may cause the system to reboot, but you are asked to confirm before the command continues and you are given a chance to save any configuration changes that have been made to the running configuration.
The clear cache dre command does not delete the DRE cache contents but expires it by removing markers in the content to prevent reuse. If you want to delete the cache contents, use the disk delete-data-partitions command.
Examples
The following example shows how to clear the HTTP metadata cache for conditional responses:
Related Commands
clear cache http-object-cache invalidate
To clear the object cache, use the clear cache http object-cache EXEC command.
clear cache http-object-cache invalidate
Command Default
Command Modes
Device Modes Default
Usage Guidelines
This command clears all entries in the cache directory as a background task, but leaves entries up to 60 seconds prior to the command being given. It can take a few minutes to complete, but the CE is functional while the process is ongoing. Data on the disk remains and is not overwritten. Log entries appear indicating the beginning and end of the operation.
Examples
The following example shows how to clear the HTTP object cache:
clear cdp
To clear Cisco Discovery Protocol statistics, use the clear cdp EXEC command.
clear cdp { counters | table }
Syntax Description
Defaults
Command Modes
Device Modes
Examples
The following example shows how to clear the CDP counter statistics on the WAAS device:
Related Commands
clear connection
To reset one or more connections, use the clear connection EXEC command.
clear connection [ client-ip { ip_address | hostname } | client-port port | flow-id id | server-ip { ip_address | hostname } | server-port port]
Syntax Description
Defaults
Command Modes
Device Modes
Examples
The following example shows how to reset connection number 45 on the WAAS device:
The following example shows how to reset connections with server port 80 on the WAAS device:
Related Commands
clear dre
To clear DRE configurations, use the clear dre EXEC command.
clear dre auto-bypass [ { ip_address | hostname } port ]
Syntax Description
Defaults
Command Modes
Device Modes
Examples
The following example shows how to clear all DRE auto-bypass entries :
The following example shows how to clear the DRE auto-bypass entry for a specific port on a specific server :
Related Commands
clear ip
To clear IP access list statistics, use the clear ip EXEC command.
clear ip access-list counters [ acl-num | acl-name ]
Syntax Description
Defaults
Command Modes
Device Modes
Examples
The following example shows how to clear the IP access list counters on the WAAS device:
Related Commands
clear ipv6
To clear IPv6 neighbor cache entries, use the clear ipv6 neighbors EXEC command.
clear ipv6 neighbors {GigabitEthernet [slot number/port] | Portchannel [Etherchannel index] | standby [standby index] }
clear ipv6 neighbors virtual slot/port
Syntax Description
Defaults
Command Modes
Device Modes
Examples
The following example shows how to clear the neighboring cache entries for a GigabitEthernet interface on the WAAS device:
Related Commands
clear license
To clear licensing configuration, use the clear license EXEC command.
clear license [ license-name ]
Syntax Description
Defaults
Command Modes
Device Modes
Examples
The following example shows how to clear the licensing configuration on the WAAS device:
Related Commands
clear logging
To clear syslog messages saved in a disk file, use the clear logging EXEC command.
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
The clear logging command removes all current entries from the syslog.txt file but does not make an archive of the file. It puts a “Syslog cleared” message in the syslog.txt file to indicate that the syslog has been cleared.
Examples
The following example shows how to clear all entries in the syslog.txt file on the WAAS device:
Related Commands
clear object-cache
To remove objects from object cache that match specified criteria, use the clear object-cache EXEC command.
clear object-cache [accelerator smb] all
Syntax Description
Defaults
Command Modes
Device Modes Default
Usage Guidelines
The clear object-cache command removes all objects from the object cache, or all objects from cache that match specified criteria,
Examples
The following example shows how to clear objects from object cache that match the criteria of the SMB AO and the URL www.sampletestdomain.com.
WAE# clear object-cache accelerator http url www.sampletestdomain.com
Related Commands
clear service-policy
To clear class map and policy map counters for AppNav and optimization policies, use the clear service-policy EXEC command.
clear service-policy [ type { appnav | waas }] counters
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
When specified without the type keyword, this command clears counters for both AppNav and WAAS optimization class maps and policy maps.
Examples
The following example shows how to clear both AppNav and WAAS optimization class map and policy map counters:
The following example shows how to clear only AppNav class map and policy map counters:
Related Commands
clear statistics
To reset statistics data, use the clear statistics EXEC command.
clear statistics { all | aoim | appnav-controller all | authentication | auto-discovery { all | blacklist } | class-map { appnav | waas } | datamover | dre [ global ] | exporter | filtering | flow monitor type performance-monitor tcpstat-v1 | generic-gre | icmp | inline | ip | ipv6 {internal} | pass-through | peer dre | punt | radius | service-insertion { appnav-controller ip_address | appnav-controller-group | data-path | service-context | service-node ip_address | service-node-group name } | snmp | synq | tacacs | tcp | tfo | udp | wccp | windows-domain | windows-print }
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
The clear statistics command clears all statistical counters from the parameters given. Use this command to monitor fresh statistical data for some or all features without losing cached objects or configurations.
Not all command options are applicable for a device in central-manager mode.
Note that from software version 6.x onwards, clear statistics snmp does not clear all statistical counters due to net snmp implementation.
Examples
The following example shows how to clear all authentication, RADIUS and TACACS+ information on the WAAS device:
Related Commands
clear statistics accelerator
To clear all global statistics, use the clear statistics accelerator EXEC command.
clear statistics accelerator { epm | generic | http | mapi | smb | ssl }
Syntax Description
Defaults
Command Modes
Device Modes
Examples
The following example shows how to clear the statistics for the SMB application accelerator on the WAAS device:
Related Commands
clear statistics accelerator http object-cache
To clear object cache statistics for a WAAS device, use the clear statistics accelerator HTTP object-cache EXEC command.
clear statistics accelerator http object-cache
Syntax Description
Command Default
Command Modes
Device Modes Default
Usage Guidelines
Example
The following example shows how to clear object cache statistics for a WAAS device.
Related Commands
clear statistics connection
To clear connection statistics, use the clear statistics connection EXEC command.
clear statistics connection conn-id connection_id
clear statistics connection optimized [ client-ip { ip_address | hostname } | client-port port | { epm | http | ica | mapi | smb | ssl | tfo | wansecure } dre | peer-id peer_id | server-ip { ip_address | hostname } | server-port port]
Syntax Description
Defaults
Command Modes
Device Modes
Examples
The following example shows how to clear the connection 1 statistics on the WAAS device:
Related Commands
clear statistics monitor appnav-controller traffic
To clear traffic monitoring statistics for an AppNav Controller Interface Module, use the clear statistics monitor appnav-controller traffic EXEC command.
clear statistics monitor appnav-controller traffic
Syntax Description
Defaults
Command Modes
Device Modes
Examples
The following example shows how to clear the traffic monitoring statistics:
Related Commands
clear statistics vn-service vpath
To clear VPATH statistics for your vWAAS device, use the clear statistics vn-service vpath EXEC command.
clear statistics vn-service vpath
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
The clear statistics vn-service vpath command removes all current entries from the syslog.txt file but does not make an archive of the file. It puts a “Syslog cleared” message in the syslog.txt file to indicate that the syslog has been cleared.
Examples
The following example shows how to clear all VPATH entries in the syslog.txt file on the vWAAS device:
Related Commands
clear transaction-log
To archive a working transaction log file, use the clear transaction-log EXEC command.
clear transaction-log { accelerator | flow }
Syntax Description
Defaults
Command Modes
Device Modes
Examples
The following example shows how to archive t he flow transaction log file on the WAAS device:
Related Commands
clear users
To clear user connections or to unlock users that have been locked out, use the clear users EXEC command.
clear users [ administrative | locked-out { all | username username }]
Syntax Description
(Optional) Clears the connections (logins) of administrative users authenticated through a remote login service. |
|
Defaults
Command Modes
Device Modes
Usage Guidelines
The clear users administrative command clears the connections for all administrative users who are authenticated through a remote login service, such as TACACS. This command does not affect an administrative user who is authenticated through the local database. Only locally authenticated administrative users can run this command.
The clear users locked-out command unlocks user accounts that have been locked out. If a strong password policy is enabled (see the (config) authentication strict-password-policy command) a user account will be locked out if the user fails three consecutive login attempts. (This restriction does not apply to the admin account.)
Examples
The following example shows how to clear the connections of all authenticated users:
The following example shows how to clear the connections of all administrative users authenticated through a remote login service (it does not affect administrative users authenticated through the local database):
The following example shows how to unlock all locked-out user accounts:
The following example shows how to unlock the account for username darcy:
Related Commands
clear windows-domain
To clear Windows domain server information for a WAAS device, use the clear windows-domain EXEC command.
clear windows-domain encryption-service blacklist { identity tagName | service spn }
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Use the clear windows-domain EXEC command to clear Windows domain server information.
Examples
The following example shows how to clear the Windows domain server information:
Related Commands
clear windows-domain-log
To clear the Windows domain server log file, use the clear windows-domain-log EXEC command.
Syntax Description
Defaults
Command Modes
Device Modes
Examples
The following example shows how to clear all entries in the Windows domain log file on the WAAS device:
Related Commands
clock
To set clock functions or update the calendar, use the clock EXEC command.
clock { read-calendar | set time day month year | update-calendar }
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
If you have an outside source on your network that provides time services (such as a NTP server), you do not need to set the system clock manually. When setting the clock, enter the local time. The WAAS device calculates the UTC based on the time zone set by the clock timezone global configuration command.
Two clocks exist in the system: the software clock and the hardware clock. The software uses the software clock. The hardware clock is used only at bootup to initialize the software clock.
Examples
The following example shows how to set the software clock on the WAAS device:
Related Commands
cms
To configure the Centralized Management System (CMS) embedded database parameters for a WAAS device, use the cms EXEC command.
cms { config-sync | deregister [ force ] | lcm { enable | disable } | maintenance { full | regular } | recover { identity word } | restore filename | validate }
cms database { backup {config} | create | delete
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Use the cms config-sync command to enable registered WAAS devices and standby WAAS Central Manager to contact the primary WAAS Central Manager immediately for a getUpdate (get configuration poll) request before the default polling interval of 5 minutes. For example, when a node is registered with the primary WAAS Central Manager and activated, it appears as Pending in the WAAS Central Manager GUI until it sends a getUpdate request. The cms config-sync command causes the registered node to send a getUpdate request at once, and the status of the node changes as Online.
Use the cms database create command to initialize the CMS database for a device that is already registered with the WAAS Central Manager. Then use the cms enable command to enable the CMS. For a device that is not registered with a WAAS Central Manager, use only the cms enable command to initialize the CMS database tables, register the node, and enable the CMS.
Note For a vWAAS device, the model type must be configured before enabling management services.
Before a node can join a WAAS network, it must first be registered and then activated. Activate the node by using the WAAS Central Manager GUI.
The cms deregister command removes the node from the WAAS network by deleting registration information and database tables.
The cms deregister force command forces the removal of the node from the WAAS network by deleting registration information and database tables. If disk encryption is enabled on the device, it is disabled after you confirm this action. All data in encrypted file systems and imported certificates and private keys for the SSL accelerator are lost after a reload.
To back up the existing management database for the WAAS Central Manager, use the cms database backup command. For database backups, specify the following items:
The naming convention for backup files includes the time stamp and the WAAS version number.
After the backup is complete, use the copy disk ftp command to move the backup file to a remote system.
Note For information on the procedure to back up and restore the CMS database on the WAAS Central Manager, see the Cisco Wide Area Application Services Configuration Guide.
Note Do not run multiple instances of the cms database backup command simultaneously on a device. If a backup is in progress, you must wait for it to finish before using the command again.
When you use the cms recover identity word command when recovering lost registration information, or replacing a failed node with a new node that has the same registration information, you must specify the device recovery key that you configured in the Modifying Config Property, System.device.recovery.key window of the WAAS Central Manager GUI.
Note All CMS-related commands are disabled when running the cms restore command.
Use the lcm command to configure local/central management (LCM) on a WAE. The LCM feature allows settings that are configured using the device CLI or GUI to be stored as part of the WAAS network-wide configuration data (enable or disable).
When you enter the cms lcm enable command, the CMS process running on WAEs and the standby WAAS Central Manager detects the configuration changes that you made on these devices using CLIs and sends the changes to the primary WAAS Central Manager.
When you enter the cms lcm disable command, the CMS process running on the WAEs and the standby WAAS Central Manager does not send the CLI changes to the primary WAAS Central Manager. Settings configured using the device CLIs will not be sent to the primary WAAS Central Manager.
If LCM is disabled, the settings configured through the WAAS Central Manager GUI will overwrite the settings configured from the WAEs; however, this rule applies only to those local device settings that have been overwritten by the WAAS Central Manager when you have configured the local device settings. If you (as the local CLI user) change the local device settings after the particular configuration has been overwritten by the WAAS Central Manager, the local device configuration will be applicable until the WAAS Central Manager requests a full device statistics update from the WAEs (clicking the Force full database update button from the Device Dashboard window of the WAAS Central Manager GUI triggers a full update). When the WAAS Central Manager requests a full update from the device, the WAAS Central Manager settings will overwrite the local device settings.
Examples
The following example shows how to back up the cms database management tables on the WAAS Central Manager named waas-cm:
The following example shows how to validate the cms database management tables on the WAAS Central Manager named waas-cm:
Related Commands
cms secure-store
To configure secure store encryption, use the cms secure-store EXEC commands.
cms secure-store { init | open | change | clear | reset | mode { user-passphrase | auto-passphrase }}
Syntax Description
Defaults
A new Central Manager is configured for auto-generated passphrase mode with the secure store open.
Command Modes
Device Modes
Usage Guidelines
Secure store encryption provides strong encryption and key management for your WAAS system. The WAAS Central Manager and WAE devices use secure store encryption for handling passwords, managing encryption keys, and for data encryption.
On a new Central Manager, secure store is initialized and open and in auto-generated passphrase mode. The only options are to change the pass phrase (which sets the secure store to user-provided passphrase mode) or to change to user-provided passphrase mode. To change to user-provided passphrase mode, use the cms secure-store mode user-passphrase command.
Note There may be a delay of a few minutes for the any changes you submit with the cms secure-store command to take effect. There may also be a delay for any changes to take effect if you submit changes at the WAAS CM Configure > Security > Secure Store Settings window.
For secure store on the Central Manager, the data is encrypted using a key encryption key generated from the pass phrase with SHA-1 hashing and an AES 256-bit algorithm. When you enable secure store on a WAE device, the data is encrypted using a 256-bit key encryption key generated by SecureRandom, a cryptographically strong pseudorandom number. You can use your own password to enable secure store, but it is not necessary in auto-generated passphrase mode (the default), where the Central Manager generates a unique password automatically. A user-supplied password must conform to the following rules:
- Be 8 to 64 characters in length
- Contain characters only from the allowed set: A-Za-z0-9~%'!#$^&*()|;:,"<>/
- Contain at least one digit
- Contain at least one lowercase and one uppercase letter
If you are using the user-provided passphrase mode, when you reboot the Central Manager, you must manually reopen secure store using the cms secure-store open command. Until you open the secure store, a critical alarm is displayed on the Central Manager and services that use encryption (such as the SSL application accelerator) are not available. If you are using the auto-generated passphrase mode (the default), the Central Manager automatically opens the secure store after a reboot by using its own generated pass phrase.
The secure store passphrase mode on the primary Central Manager is replicated to the standby Central Manager (within the standard replication time). If the primary Central Manager is switched to auto-generated passphrase mode, the standby Central Manager secure store changes to the open state. If the primary Central Manager is switched to user-provided passphrase mode or the passphrase is changed, the standby Central Manager secure store changes to the initialized but not open state and an alarm is raised. You must manually open the secure store on the standby Central Manager.
When you enable secure store on a WAE, the WAE initializes and retrieves a new encryption key from the Central Manager. The WAE uses this key to encrypt user passwords and dynamic share credentials stored on the WAE. When you reboot the WAE after enabling secure store, the WAE retrieves the key from the Central Manager automatically, allowing normal access to the data that is stored in the WAAS persistent storage. If key retrieval fails, an alarm is raised and secure store will be in the initialized but not open state. You must open secure store manually.
If you have made any other CLI configuration changes on a WAE within the datafeed poll rate time interval (5 minutes by default) before you entered the cms secure-store command, you will lose those prior configuration changes and you will need to redo them.
Use the cms secure-store reset command if you reload a Central Manager that is configured in user-provided passphrase mode and you forget the secure store password. This command deletes all encrypted data, certificate and key files, and key manager keys. The secure store is left in the open state using auto-generated passphrase mode. For the complete procedure for resetting the secure store, see the “Resetting Secure Store Encryption on a Central Manager” section on page 9-17 in the Cisco Wide Area Application Services Configuration Guide.
Examples
The following example shows how to change the pass phrase mode of the secure store encryption on the WAAS Central Manager:
Related CommandsRelated Commands
configure
To enter global configuration mode, use the configure EXEC command. You must be in global configuration mode to enter global configuration commands.
To exit global configuration mode, use the end or exit commands. You can also press Ctrl-Z to exit from global configuration mode.
Syntax Description
Defaults
Command Modes
Device Modes
Examples
The following example shows how to enable global configuration mode on a WAAS device:
Related Commands
copy disk
To copy the configuration or image data from a disk to a remote location using FTP or to the startup configuration, use the copy disk EXEC command.
copy disk { ftp { hostname | ip-address } remotefiledir remotefilename localfilename | startup-config filename }
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Use the copy disk ftp EXEC command to copy files from a SYSFS partition to an FTP server. Use the copy disk startup-config EXEC command to copy a startup-configuration file to NVRAM.
Examples
The following example shows how to copy a startup-configuration file to NVRAM:
Related Commands
copy ftp
To copy software configuration or image data from an FTP server, use the copy ftp EXEC command.
copy ftp disk { hostname | ip-address } remotefiledir remotefilename localfilename
copy ftp install { hostname | ip-address } remotefiledir remotefilename
copy ftp wow-recovery { hostname | ip-address } remotefiledir remotefilename
Syntax Description
Directory on the FTP server where the image file to be copied is located. |
|
Copies the file from an FTP server and installs the software release or firmware file to the local device. |
Defaults
Command Modes
Device Modes
Usage Guidelines
Use the copy ftp disk EXEC command to copy a file from an FTP server to a SYSFS partition on the WAAS device. To show progress, this command prints a number sign (#) for each 1 MB of data that is copied.
Use the copy ftp install EXEC command to install an image file from an FTP server on a WAAS device. Part of the image goes to a disk and part goes to flash memory. This command can also be used to install a BIOS or other firmware update by specifying the appropriate update file.
You can also use the copy ftp install EXEC command to redirect your transfer to a different location. A username and a password have to be authenticated with a primary domain controller (PDC) before the transfer of the software release file to the WAAS device is allowed.
To show progress, this command prints a number sign (#) for each 1 MB of data that is copied.
Examples
The following example shows how to copy an image file from an FTP server and install the file on the local device:
The following example shows how to upgrade the BIOS. All output is written to a separate file (/local1/.bios_upgrade.txt) for traceability. The hardware-dependent files that are downloaded from Cisco.com for the BIOS upgrade are automatically deleted from the WAAS device after the BIOS upgrade procedure has been completed.
Related Commands
copy http
To copy configuration or image files from an HTTP server to the WAAS device, use the copy http EXEC command.
copy http install { hostname | ip-address } remotefiledir remotefilename [ port portnum ] [ proxy proxy_portnum ] [ username username password ]
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Use the copy http install EXEC command to install an image file from an HTTP server and install it on a WAAS device. It transfers the image from an HTTP server to the WAAS device using HTTP as the transport protocol and installs the software on the device. Part of the image goes to a disk and part goes to flash memory. Use the copy http central EXEC command to download a software image into the repository from an HTTP server.
You can also use the copy http install EXEC commands to redirect your transfer to a different location or HTTP proxy server by specifying the proxy hostname | ip-address option. A username and a password have to be authenticated with a primary domain controller (PDC) before the transfer of the software release file to the WAAS device is allowed.
Examples
The following example shows how to copy an image file from an HTTP server and install the file on the WAAS device:
The following example shows how to upgrade the BIOS. All output is written to a separate file (/local1/.bios_upgrade.txt) for traceability. The hardware-dependent files that are downloaded from Cisco.com for the BIOS upgrade are automatically deleted from the WAAS device after the BIOS upgrade procedure has been completed.
Related Commands
copy monitoring-log
To copy SMB statistics data to the local disk or an FTP server, use the copy monitoring-log EXEC command.
copy monitoring-log { disk filename | ftp { hostname | ip-address } remotefiledir remotefilename }
Syntax Description
Copies the statistics in CSV format to the specified local disk file in the /local/local1 directory. |
|
Copies the statistics in CSV format to the specified remote file on an FTP server. |
|
Defaults
Command Modes
Device Modes
Usage Guidelines
Use this command to write the last 14 days of statistics data that has been collected by the stats-collector logging global configuration command. The data is written as a CSV file compressed in tar archive format.
Examples
The following example shows how to copy statistics data to an FTP server:
Related Commands
copy running-config
To copy a configuration or image data from the current configuration, use the copy running-config EXEC command.
copy running-config { disk filename | startup-config | tftp { hostname | ip-address } remotefilename }
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Use the copy running-config EXEC command to copy the running system configuration of the WAAS device to a SYSFS partition, flash memory, or TFTP server. The copy running-config startup-config EXEC command is equivalent to the write memory EXEC command.
Examples
The following example shows how to copy the current system configuration to startup configuration (NVRAM):
Related Commands
copy scp
To securely copy configuration or image files from a source to a destination location, use the copy scp EXEC command.
copy scp { { disk { hostname | ip-address} remote_dir remote_file local_file} | { install { hostname | ip-address } remote_dir remote_file }}
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Use the copy scp disk EXEC command to copy a file from an SCP server to a SYSFS partition on the WAAS device.
Use the copy scp install EXEC command to install a software release or firmware file from an SCP server on a WAAS device.
Examples
The following example shows how to securely install the software release or firmware file from a source to a destination location:
Related Commands
copy secure-http
To securely copy configuration or image files from a source http server, use the copy secure-http EXEC command.
copy secure-http install {hostname | ip-address}
copy secure-http install usb filename
Copies the file from a source server and installs the software release or firmware file to the local device. |
|
The filename on the USB flash drive installed in a WAVE or ENCS device. |
Defaults
Command Modes
Device Modes
Usage Guidelines
Use the copy secure-http install EXEC command to copy and install a software release from a secure HTTP server on a WAAS device.
Examples
The following example shows how to securely install the software release or firmware file from a sourcehttp server to a destination location:
Related Commands
copy startup-config
To copy configuration or image data from the startup configuration, use the copy startup-config EXEC command.
copy startup-config { disk filename | running-config | tftp { hostname | ip-address } remotefilename }
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Use the copy startup-config EXEC command to copy the startup configuration file to a TFTP server or to a SYSFS partition.
Examples
The following example shows how to copy the startup configuration file to the running configuration:
Related Commands
copy sysreport
To copy system troubleshooting information from the device, use the copy sysreport EXEC command.
copy sysreport disk filename [ start-date { day month | month day } year [ end-date { day month | month day } year ]]
copy sysreport ftp { hostname | ip-address } remotedirectory remotefilename [ start-date { day month | month day } year [ end-date { day month | month day } year ]]
copy sysreport scp { hostname | ip-address } remotedirectory remotefilename [ start-date { day month | month day } year [ end-date { day month | month day } year ]]
copy sysreport tftp { hostname | ip-address } remotefilename } [ start-date { day month | month day } year [ end-date { day month | month day } year ]]
copy sysreport usb filename [ start-date { day month | month day } year [ end-date { day month | month day } year ]]
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
A system report is a comprehensive report, which you must generate before contacting Cisco technical support. The system report contains output from many commands and system logs, including show commands, network and other statistics, graphs, log content, and configuration settings.
Note The copy sysreport command consumes significant CPU and disk resources and can adversely affect system performance while it is running. The system report can be from 30 MB to 100MB in size, or larger, depending on your system configuration.
– Before generating a system report, use the test command to run diagnostic tests, so that diagnostic information is also included in the system report.
– Before generating a system report on a WAAS CM or standby WAAS CM, make a database backup by using the cms database backup command.
- To generate a system report and store it on an FTP server, use the following form of the sysreport command:
- Generating the system report:
When you run the copy sysreport disk command, the system report must be saved to the local1 directory.
Note When you run the copy sysreport disk command, the system report save process differs depending on the version of WAAS you are running.
For WAAS versions 6.1.x and later, the copy sysreport disk command saves the system report to the present working directory. Therefore, you must be in the local1 directory path when you run the copy sysreport disk command. If you are not in the local1 directory, the error message “Could not generate sysreport in location your-current-location” is displayed.
To display your present working directory, use the pwd command. To change your directory, use the cd command.
For WAAS versions earlier than 6.1.x, the copy sysreport disk command saves the system report to the local1 directory, irregardless of your present working directory. Therefore, you can be in any system directory when you run the copy sysreport disk command, and the system report is saved to the local1 directory.
Because the system report is such a large file, after you run the copy sysreport disk command, move the report file out of the disk, to save significant disk space. To do this, follow these steps:
1. WAE# copy generatedSysreport-name ftp server-name
The generated system report is copied from the current disk location and a copy is stored to a non-current-disk destination.
2. WAE# delfile generatedSysreport-name
The original generated system report on the current disk is deleted.
Examples
The following example shows how to copy the system information to the file mysysinfo on the local WAAS device:
The following example shows how to copy system information by FTP to the file myfile in the root directory of the FTP server named myserver:
Related Commands
copy system-status
To copy status information from the system for debugging, use the copy system-status EXEC command.
copy system-status disk filename
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Use the copy system-status EXEC command to create a file on a SYSFS partition that contains hardware and software status information.
Examples
The following example shows how to copy the system status to a disk file:
Related Commands
copy tech-support
To copy the configuration or image data from the system to use when working with Cisco TAC, use the copy tech-support EXEC command.
copy tech-support { disk filename | ftp { hostname | ip-address } remotedirectory remotefilename | scp { hostname | ip-address} remotedirectory remotefilename | tftp { hostname | ip-address } remotefilename }
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Use the copy tech-support tftp EXEC command to copy technical support information to a TFTP server or to a SYSFS partition.
Examples
The following example shows how to copy system information for tech support to a disk file:
Related Commands
copy tftp
To copy configuration or image data from a TFTP server, use the copy tftp EXEC command.
copy tftp disk { hostname | ip-address } remotefilename localfilename
copy tftp running-config { hostname | ip-address } remotefilename
copy tftp startup-config { hostname | ip-address } remotefilename
Syntax Description
Defaults
Command Modes
Device Modes
Examples
The following example shows how to copy configuration or image data from a TFTP server to the running configuration:
Related Commands
cpfile
To make a copy of a file, use the cpfile EXEC command.
cpfile oldfilename newfilename
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Examples
The following example shows how to create a copy of a file:
Related Commands
crypto delete
To remove SSL certificate and key files, use the crypto delete EXEC command.
crypto delete {ca-certificate filename | pkcs12 {filename | admin }}
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Use the crypto delete EXEC command to remove a certificate from your WAE’s secure store. If you only want to disassociate a certificate from an accelerated service, use no server-cert-key in crypto ssl services accelerated-service mode.
If you use the crypto delete pkcs12 admin command to delete a custom certificate and key that were installed for the Central Manager admin service, the admin service uses its built-in self-signed certificate.
Examples
The following example shows how to delete the CA certificate file mycert.ca:
Related Commands
crypto export
To export SSL certificate and key files, use the crypto export EXEC command.
crypto export {ca-certificate filename | pkcs12 { factory-self-signed | admin | filename} {pem-cert-key | pem-cert-only | pem-key-only | pkcs12}}{disk pathname | ftp address | sftp address | terminal | tftp address}
Syntax Description
Defaults
Command Modes
Device Modes
Examples
The following example shows how to export a CA certificate file named mycert.ca to an FTP server:
The following example shows how to export the certificate and private key from a PKCS12 file named myfile.p12 to a PEM file on the local1 directory on the hard drive:
Related Commands
crypto generate
To generate a self-signed certificate or a certificate signing request, use the crypt generate EXEC command.
crypto generate {csr rsa modulus {1024 | 1536 | 2048 | 512 | 768}{disk pathname | ftp address | sftp address | terminal | tftp address} | self-signed-cert filename [exportable] rsa modulus {1024 | 1536 | 2048 | 512 | 768}}
Syntax Description
Specifies the size (number of bits) used for the RSA modulus for a CSR or a self-signed certificate. Note The valid size for the RSA modulus for a self-signed certificate is dependent on the WAAS Version used. Refer to the crypto generate command Usage Guidelines for how to specify the RSA modulus size for WAAS Version 6.1.x and earlier, and for WAAS Version 6.2.x and later. |
|
Generates the file to a disk. Type the disk filename including the full path. |
|
Generates the file to FTP. Type the FTP server’s IP address or hostname. |
|
Generates the file to secure FTP. Type the secure FTP server’s IP address or hostname. |
|
Generates the file to TFTP. Type the TFTP server’s IP address or hostname. |
|
Generates a self-signed SSL encryption certificate. The filename of the self-signed certificate to be generated must have the.p12 file extension. |
|
(Optional) Allows the self-signed certificate to be exported. |
|
Specifies the size of the RSA modulus to be used when generating the self-signed certificate. |
Defaults
Command Modes
Device Modes
Usage Guidelines
The valid size (number of bits) for the RSA modulus for a self-signed certificate is dependent on the WAAS version:
Note A self-signed certificate on WAAS Version 6.1.x or earlier with an RSA modulus size of 512 is not compatible with Mozilla FireFox Version 39 and later, or with Google Chrome Version 48 and later. A self-signed certificate on WAAS Version 6.1.x or earlier with an RSA modulus size of 512 is compatible with Internet Explorer 8 and later.
If you have previously configured the RSA modulus size as 512: to access the WAAS CM with Mozilla FireFox Version 39 and later, or with Google Chrome Version 48 and later, you must regenerate the self-signed certificate with an RSA modulus size of 2048, and then upgade to the specified version of Mozilla FireFox or Google Chrome.
Examples
The following example shows how to create an exportable self-signed certificate. The certificate file is named myfile.p12 and is created using a 2048-bit RSA modulus.
Related Commands
crypto import
To import SSL certificates and key files, use the crypto import EXEC command.
crypto import ca-certificate filename {disk pathname | ftp host | http host | scep url | sftp host | terminal | tftp host}
crypto import pkcs12 {filename | admin} [exportable] [ignore-cert-chain-order] pem-cert-key {disk pathname | ftp host | http host | scep url | sftp host | terminal | tftp host}
crypto import pcsk12 {filename | admin} [exportable] [ignore-cert-chain-order] pkcs12 {disk pathname | ftp host | http host | sftp host | terminal | tftp host}
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
The Central Manager admin service uses a self-signed certificate and key by default. You can use the crypto import pkcs12 admin command to import a custom certificate and key in PKCS12 or PEM format. If you delete the custom certificate and key, the self-signed certificate and key again become active.
Note DSA certificates and keys cannot be imported.
Examples
The following example shows how to import a CA certificate file named mycert.ca from a TFTP server:
Related Commands
crypto pki
To initialize the PKI managed store, use the crypto pki EXEC command.
crypto pki managed-store initialize
Syntax Description
Defaults
Command Modes
Device Modes
Examples
The following example shows how to initialize the PKI managed store:
Related Commands
debug aaa accounting
To monitor and record AAA accounting debugging, use the debug aaa accounting EXEC command. To disable debugging, use the undebug form of this command.
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable AAA accounting debug monitoring:
Related Commands
debug aaa authorization
To monitor and record AAA authorization debugging, use the debug aaa authorization EXEC command. To disable debugging, use the undebug form of this command.
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable AAA authorization debug monitoring:
Related Commands
debug accelerator
To monitor and record accelerator debugging, use the debug accelerator EXEC command. To disable debugging, use the undebug form of this command.
debug accelerator generic [ connection | misc | shell | stats | all ]
no debug accelerator generic [ connection | misc | shell | stats | all ]
debug accelerator http [ bypass-list | cli | conditional-response | connection | dre-hints | metadatacache | redirect-response | shell | subnet | supress-server-encoding | transaction | unauthorized-response | all ]
no debug accelerator http [ bypass-list | cli | conditional-response | connection | dre-hints | metadatacache | redirect-response | shell | subnet | supress-server-encoding | transaction | unauthorized-response | all ]
debug accelerator mapi [ all | Common-flow | DCERPC-layer | EMSMDB-layer | IO | ROP-layer | ROP-parser | RPCHTTP-layer | RCP-parser | shell | Transport | Utilities ]
no debug accelerator mapi [ all | Common-flow | DCERPC-layer | EMSMDB-layer | IO | ROP-layer | ROP-parser | RPCHTTP-layer | RCP-parser | shell | Transport | Utilities ]
debug accelerator ica [ all | ao-connectionmgr | ao-parser | cgp | connection | crypto | detectionparser | failure | hash | ica | initialization | io | main | pipe | shell ]
no debug accelerator ica [ all | ao-connectionmgr | ao-parser | cgp | connection | crypto | detectionparser | failure | hash | ica | initialization | io | main | pipe | shell ]
debug accelerator smb [ cli | cmd-close | cmd-create | cmd-lock | cmd-others | cmd-query-info | cmd-read | cmd-set-info | cmd-write | flow | large-data-flush | lock-manager | meta-data | named-pipe | not-found-cache | packeter | parser | read-ahead | shell | vfn | all ]
no debug accelerator smb [ cli | cmd-close | cmd-create | cmd-lock | cmd-others | cmd-query-info | cmd-read | cmd-set-info | cmd-write | flow | large-data-flush | lock-manager | meta-data | named-pipe | not-found-cache | packeter | parser | read-ahead | shell | vfn | all ]
debug accelerator ssl [ accelerated-svc | alarm | all | am | am-generic-svc | bio | ca | ca-pool | cipherlist | client-to-server | dataserver | flow-shutdown | generic | ocsp | oom-manager | openssl-internal | parser | peering-svc | session-cache | shell | sm-alert | sm-generic | sm-io | sm-pipethrough | synchronization | verify | waas-to-waas ]
no debug accelerator ssl [ accelerated-svc | alarm | all | am | am-generic-svc | bio | ca | ca-pool | cipherlist | client-to-server | dataserver | flow-shutdown | generic | ocsp | oom-manager | openssl-internal | parser | peering-svc | session-cache | shell | sm-alert | sm-generic | sm-io | sm-pipethrough | synchronization | verify | waas-to-waas ]
debug accelerator wansecure [ all | flow | mux | ocsp | shell | ssl ]
no debug accelerator wansecure [ all | flow | mux | ocsp | shell | ssl ]
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
The output associated with the debug accelerator name module command for an application accelerator is written to the file name ao-errorlog.current, where name is the accelerator name. The accelerator information manager debug output is written to the file aoim-errorlog.current.
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable all accelerator debug monitoring:
Related Commands
debug accelerator http object-cache
To enable object-cache debugging, use the debug accelerator http object-cache EXEC command.
debug accelerator http object-cache {all | configuration | gate-keeper | logger | preposition | response-headers | statistics | traffic-plugin}
Syntax Description
Command Default
Command Modes
Device Modes Default
Usage Guidelines
Use the debug accelerator http object-cache EXEC command to enable debugging for all object-cache debugging, or to specifying debugging for a particular object-cache area, such as configuration, cache preposition, or statistics.
Examples
The following example shows how to enable debugging for all parameters for the HTTP object cache:
debug accelerator mapi rpchttp-layer
To enable debugging of the MAPI RPC HTTP accelerator, use the debug accelerator mapi rpchttp EXEC command. To disable debugging, use the no form of this command.
debug accelerator mapi rpchttp-layer
no debug accelerator mapi rpchttp -layer
Defaults
Command Modes
Device Modes
Usage Guidelines
Use the debug accelerator mapi rpchttp-layer EXEC command to enable debugging of the mapi RPC HTTP application accelerator.
Examples
The following example shows how to enable debugging for the MAPI object cache i/o:
Related Commands
debug all
To monitor and record all debugging, use the debug all EXEC command. To disable debugging, use the undebug form of this command.
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable all debug monitoring:
Related Commands
debug appnav-controller connection
To enable connection-specific debugging on an AppNav Controller Interface Module, use the debug appnav-controller connection EXEC command. To disable debugging, use the undebug form of this command.
debug appnav-controller connection access-list acl-name
undebug appnav-controller connection
Syntax Description
Enables access list connection debugging. Access list name is an alphanumeric identifier up to 30 characters, beginning with a letter. |
Defaults
Command Modes
Device Modes
Usage Guidelines
The ACL specified in this command is shared by the monitor appnav-controller traffic and packet-capture commands.
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable connection-specific debug monitoring for an AppNav Controller Interface Module:
Related Commands
debug appnav-controller drop capture
To enable debugging on an AppNav Controller Interface Module to capture dropped packets, use the debug appnav-controller drop capture EXEC command. To disable debugging, use the no form of this command.
debug appnav-controller drop capture index index limit limit
no debug appnav-controller drop capture
Syntax Description
The maximum size of the packet capture file. The default limit is 65535. |
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
To display the index, use the show controllers np counters direct-access drop command.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to a new log file in PCAP format.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to show dropped packets for the AppNav Controller Interface Module using an index of 20 and a limit of 500:
Related Commands
debug authentication
To monitor and record authentication debugging, use the debug authentication EXEC command. To disable debugging, use the undebug form of this command.
debug authentication { user | windows-domain }
undebug authentication { user | windows-domain }
Syntax Description
Enables debugging of the user login against the system authentication. |
|
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable user authentication debug monitoring, verify that it is enabled, and then disable debug monitoring:
Related Commands
debug auto-discovery
To trace connections in the auto discovery module, use the debug auto-discovery EXEC command. To disable debugging, use the undebug form of this command.
debug auto-discoveryconnection
undebug auto-discovery connection
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable auto discovery connection debugging:
Related Commands
debug buf
To monitor and record buffer manager debugging, use the debug buf EXEC command. To disable debugging, use the undebug form of this command.
debug buf { all | dmbuf | dmsg }
undebug buf { all | dmbuf | dmsg }
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable all buffer manager debug monitoring:
Related Commands
debug cdp
To monitor and record CDP debugging, use the debug cdp EXEC command. To disable debugging, use the undebug form of this command.
debug cdp { adjacency | events | ip | packets }
undebug cdp { adjacency | events | ip | packets }
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable CDP events debug monitoring:
Related Commands
debug cli
To monitor and record CLI debugging, use the debug cli EXEC command. To disable debugging, use the undebug form of this command.
debug cli { all | bin | parser }
undebug cli { all | bin | parser }
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable all CLI debug monitoring:
Related Commands
debug cmm
To monitor and record cluster membership manager debugging, use the debug cmm EXEC command. To disable debugging, use the undebug form of this command.
debug cmm { all | cli | events | ipc | misc | packets | shell | timers }
undebug cmm { all | cli | events | ipc | misc | packets | shell | timers }
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable all cmm debug monitoring:
Related Commands
debug cms
To monitor and record CMS debugging, use the debug cms EXEC command. To disable debugging, use the undebug form of this command.
debug cms{router-config | stats}
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable CMS debug monitoring:
Related Commands
debug connection
To enable connection-specific debugging, use the debug connection EXEC command. To disable debugging, use the undebug form of this command.
debug connection { all | access-list acl-name }
undebug connection { all | access-list acl-name }
Syntax Description
Enables access list connection debugging. Access list name is an alphanumeric identifier up to 30 characters, beginning with a letter. |
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable all connection-specific debug monitoring:
Related Commands
debug controllers
To monitor and record interface controller capture debugging, use the debug controllers EXEC command. To disable debugging, use the undebug form of this command.
debug controllers NP { crash-dump | dump-cfg }
undebug controllers NP { crash-dump | dump-cfg }
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to request a crash dump:
Related Commands
debug dataserver
To monitor and record data server debugging, use the debug dataserver EXEC command. To disable debugging, use the undebug form of this command.
debug dataserver { all | clientlib | server }
undebug dataserver { all | clientlib | server }
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable all data server debug monitoring:
Related Commands
debug dhcp
To monitor and record DHCP debugging, use the debug dhcp EXEC command. To disable debugging, use the undebug form of this command.
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable DHCP debug monitoring:
Related Commands
debug dre
To monitor and record DRE debugging, use the debug dre EXEC command. To disable debugging, use the undebug form of this command.
debug dre { aggregation | all | cache | chunking | connection { aggregation [ acl ] | cache [ acl ] | chunking [ acl ] | core [ acl ] | message [ acl ] | misc [ acl ] | acl } | core | lz | message | misc | nack | packet }
undebug dre { aggregation | all | cache | chunking | connection { aggregation [ acl ] | cache [ acl ] | chunking [ acl ] | core [ acl ] | message [ acl ] | misc [ acl ] | acl } | core | lz | message | misc | nack | packet }
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable all DRE debug monitoring:
Related Commands
debug egress-method
To monitor and record egress method debugging, use the debug egress-method EXEC command. To disable debugging, use the undebug form of this command.
debug egress-method connection
undebug egress-method connection
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable all egress method debug monitoring:
Related Commands
debug encryption-service
To monitor and record encryption service debugging, use the debug encryption-service EXEC command. To disable debugging, use the undebug form of this command.
debug encryption-service { all | application-layer | cfgmgr | dcerpc-layer | gss | io | secure-store | server | shell | transport-lib | utilities }
undebug encryption-service { all | application-layer | cfgmgr | dcerpc-layer | gss | io | secure-store | server | shell | transport-lib | utilities }
Syntax Description
Enables debugging of the encryption services application layer. |
|
Enables debugging of the encryption services configuration manager. |
|
Enables debugging of the encryption services transport library. |
|
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable debugging of all encryption services components:
Related Commands
debug fda
To monitor and record flow distribution agent debugging, use the debug fda EXEC command. To disable debugging, use the undebug form of this command.
debug fda { all | events | infra | messages }
undebug fda { all | events | infra | messages }
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable all flow distribution agent debug monitoring:
Related Commands
debug fdm
To monitor and record flow distribution manager debugging, use the debug fdm EXEC command. To disable debugging, use the undebug form of this command.
debug fdm { all | events | infra | messages }
undebug fdm { all | events | infra | messages }
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable all flow distribution manager debug monitoring:
Related Commands
debug filtering
To trace filtering connections setup, use the debug filtering EXEC command. To disable debugging, use the undebug form of this command.
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable filtering module connection debugging:
Related Commands
debug flow
To monitor and record network traffic flow debugging, use the debug flow EXEC command. To disable debugging, use the undebug form of this command.
debug flow monitor type performance-monitor tcpstat-v1
undebug flow monitor type performance-monitor tcpstat-v1
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable network traffic flow debug monitoring:
Related Commands
debug generic-gre
To monitor and record generic GRE egress method debugging, use the debug generic-gre EXEC command. To disable debugging, use the undebug form of this command.
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable generic GRE egress method debug monitoring:
Related Commands
debug hw-raid
To monitor and record hardware RAID debugging, use the debug hw-raid EXEC command. To disable debugging, use the undebug form of this command.
debug hw-raid { all | cli | daemon }
undebug hw-raid { all | cli | daemon }
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable all hardware RAID debug monitoring:
Related Commands
debug imd
To monitor and record interface manager debugging, use the debug imd EXEC command. To disable debugging, use the undebug form of this command.
debug imd { all | cli | infra | nprm | stats }
undebug fdm { all | cli | infra | nprm | stats }
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable all interface manager debug monitoring:
Related Commands
debug inline
To enable inline module debugging, use the debug inline EXEC command. To disable debugging, use the undebug form of this command.
debug inline { debug | info | warn }
undebug inline { debug | info | warn }
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to set the log level for inline modules to warning level:
Related Commands
debug key-manager
To monitor and record key manager debugging, use the debug key-manager EXEC command. To disable debugging, use the undebug form of this command.
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable monitoring API debug monitoring:
Related Commands
debug logging
To monitor and record logging debugging, use the debug logging EXEC command. To disable debugging, use the undebug form of this command.
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable all logging debug monitoring:
Related Commands
debug monapi
To monitor and record monitor API debugging, use the debug monapi EXEC command. To disable debugging, use the undebug form of this command.
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable monitoring API debug monitoring:
Related Commands
debug nplogd
To monitor and record NP log daemon debugging, use the debug nplogd EXEC command. To disable debugging, use the undebug form of this command.
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable NP log daemon debug monitoring:
Related Commands
debug ntp
To monitor and record NTP debugging, use the debug ntp EXEC command. To disable debugging, use the undebug form of this command.
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable NTP debug monitoring:
Related Commands
debug object-cache database
To enable debugging of the object cache database, use the debug object-cache database EXEC command. To disable debugging, use the no form of this command.
no debug object-cache database
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Use the debug object-cache database EXEC command to enable debugging for the object cache database.
Examples
The following example shows how to enable debugging for the object cache database.
Related Commands
debug object-cache existence-cache
To enable debugging of the object cache existence cache database, use the debug object-cache existence-cache database EXEC command. To disable debugging, use the no form of this command.
debug object-cache existence-cache
no debug object-cache existence-cache
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Use the debug object-cache existence-cache EXEC command to enable debugging for the existence cache, which maintains information on whether or not an object is present in the object databases.
Examples
The following example shows how to enable debugging for the object cache existence cache.
Related Commands
debug object-cache load-monitor
To enable debugging of the object cache load monitor function, use the debug object-cache load-monitor enable EXEC command. To disable debugging, use the no form of this command.
debug object-cache load-monitor
no debug object-cache load-monitor
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Use the debug object-cache load-monitor EXEC command to enable debugging of the object cache load monitor function, which monitors disk load and usage.
Examples
The following example shows how to enable debugging for the object cache load monitor function.
Related Commands
debug punt
To monitor and record punt handler debugging, use the debug punt EXEC command. To disable debugging, use the undebug form of this command.
debug punt { all | module | packets | socket }
undebug punt { all | module | packets | socket }
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable all punt handler debug monitoring:
Related Commands
debug rbcp
To monitor and record RBCP debugging, use the debug rbcp EXEC command. To disable debugging, use the undebug form of this command.
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable RBCP debug monitoring:
Related Commands
debug rmd
To monitor and record route manager debugging, use the debug rmd EXEC command. To disable debugging, use the undebug form of this command.
debug rmd { all | cli | infra | nprm }
undebug rmd { all | cli | infra | nprm }
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable all route manager debug monitoring:
Related Commands
debug rpc
To monitor and record remote procedure calls (RPC) debugging, use the debug rpc EXEC command. To disable debugging, use the undebug form of this command.
undebug rpc { detail | trace }
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable RPC detail debug monitoring:
Related Commands
debug service-insertion
To trace connections in the service-insertion module, use the debug service-insertion EXEC command. To disable debugging, use the undebug form of this command.
debug service-insertion connection
undebug service-insertion connection
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable all service-insertion module debug monitoring:
Related Commands
debug service-policy
To monitor and record service policy debugging, use the debug service-policy EXEC command. To disable debugging, use the undebug form of this command.
debug service-policy type { appnav | waas }
undebug service-policy type { appnav | waas }
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable WAAS service policy debug monitoring:
Related Commands
debug snmp
To monitor and record SNMP debugging, use the debug snmp EXEC command. To disable debugging, use the undebug form of this command.
debug snmp { all | cli | main | mib | traps }
undebug snmp { all | cli | main | mib | traps }
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable all SNMP debug monitoring:
Related Commands
debug standby
To enable standby debugging, use the debug standby EXEC command. To disable debugging, use the undebug form of this command.
Syntax Description
(Optional) Enables standby debugging using all debug features. |
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable all standby debug monitoring:
Related Commands
debug statistics
To monitor and record statistics debugging, use the debug statistics EXEC command. To disable debugging, use the undebug form of this command.
debug statistics { all | ao | client | collector | ipc | messages | serializer | sqm }
undebug statistics { all | ao | client | collector | ipc | messages | serializer | sqm }
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable all statistics debug monitoring:
Related Commands
debug synq
To trace synq connections setup, use the debug synq EXEC command. To disable debugging, use the undebug form of this command.
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable synq module connection debugging:
Related Commands
debug tfo
To monitor and record TFO flow optimization debugging, use the debug tfo EXEC command. To disable debugging, use the undebug form of this command.
debug tfo {all | buffer-mgr | dre-flow | netio | scheduler }
undebug tfo {all | buffer-mgr | dre-flow | netio | scheduler }
Syntax Description
Enables TFO connection debugging for the network input/output module. |
|
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable all TFO flow optimization debug monitoring:
Related Commands
debug translog
To monitor and record transaction logging debugging, use the debug translog EXEC command. To disable debugging, use the undebug form of this command.
debug translog { detail | export | info }
undebug translog { detail | export | info }
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable transaction logging detail debug monitoring:
Related Commands
debug wafs
To set the log level of the WAFS Device Manager component, use the debug wafs EXEC command. To disable debugging, use the undebug form of this command.
debug wafs manager { debug | error | info | warn }
undebug wafs manager { debug | error | info | warn }
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to set the log level for all WAFS components to error level:
Related Commands
debug wccp
To monitor and record WCCP information debugging, use the debug wccp EXEC command. To disable debugging, use the undebug form of this command.
debug wccp { all | detail | error | events | keepalive | packets }
undebug wccp { all | detail | error | events | keepalive | packets }
Syntax Description
Enables the debugging for WCCP keepalives that are sent to the applications. |
|
Defaults
Command Modes
Device Modes
Usage Guidelines
Because the performance of the WAAS device degrades when you use the debug command, we recommend that you use this command only at the direction of Cisco TAC. For more information, see the “$paratext>” section.
If the watchdog utility is not running, the message “WAAS is not running” appears.
Use the show debugging command to display enabled debug options.
The output associated with the debug command is written to either the syslog file in /local1/syslog.txt or the debug log associated with the module in the file /local1/errorlog/ module_name -errorlog.current.
The debug log file associated with a module will be rotated to a backup file when the current file reaches its maximum size. The backup files are named as follows: name -errorlog. #, where # is the backup file number.
For any debug command, system logging must be enabled. The command to enable logging is the logging disk enable global configuration command, which is enabled by default.
If a debug command module uses the syslog for debug output, then you must use the logging disk priority debug global configuration command (the default is logging disk priority notice).
If a debug command module uses the debug log for output, then the output can be filtered based on the priority level configuration for the four different levels of debug log output, as follows:
- For filtering on critical debug messages only, use the logging disk priority critical g lobal configuration command.
- For filtering on critical and error level debug messages, use the logging disk priority error global configuration command.
- For filtering on critical, error, and trace debug level debug messages, use the logging disk priority debug global configuration command.
- For seeing all debug log messages, which include critical, error, trace and detail messages, use the logging disk priority detail global configuration command.
Regardless of the priority level configuration, any syslog messages at the LOG_ERROR or higher priority will be automatically written to the debug log associated with a module.
We recommend that you use the debug and undebug commands only at the direction of Cisco Systems technical support personnel.
Examples
The following example shows how to enable WCCP information debug monitoring:
Related Commands
delfile
To delete a file from the current directory, use the delfile EXEC command.
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Use the delfile EXEC command to remove a file from a SYSFS partition on the disk drive of the WAAS device.
Examples
The following example shows how to delete a temporary file from the /local1 directory using an absolute path:
Related Commands
deltree
To remove a directory with all of its subdirectories and files, use the deltree EXEC command.
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Use the deltree EXEC command to remove a directory and all files within the directory from the WAAS SYSFS file system. No warning is given that you are removing the subdirectories and files.
Note Make sure that you do not remove files or directories required for the WAAS device to function properly.
Examples
The following example shows how to delete the testdir directory from the /local1 directory:
Related Commands
dir
To view details of one file or all files in a directory, use the dir EXEC command.
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Use the dir EXEC command to view a detailed list of files contained within the working directory, including information about the file name, size, and time created. The lls EXEC command produces the same output.
Examples
The following example shows how to create a detailed list of all the files for the current directory:
------------- ------------------------- -----------
4096 Fri Feb 24 14:40:00 2006 <DIR> actona
4096 Tue Mar 28 14:42:44 2006 <DIR> core_dir
4096 Wed Apr 12 20:23:10 2006 <DIR> crash
4506 Tue Apr 11 13:52:45 2006 dbupgrade.log
4096 Tue Apr 4 22:50:11 2006 <DIR> downgrade
4096 Sun Apr 16 09:01:56 2006 <DIR> errorlog
4096 Wed Apr 12 20:23:41 2006 <DIR> logs
16384 Thu Feb 16 12:25:29 2006 <DIR> lost+found
4096 Wed Apr 12 03:26:02 2006 <DIR> sa
24576 Sun Apr 16 23:38:21 2006 <DIR> service_logs
4096 Thu Feb 16 12:26:09 2006 <DIR> spool
9945390 Sun Apr 16 23:38:20 2006 syslog.txt
10026298 Thu Apr 6 12:25:00 2006 syslog.txt.1
10013564 Thu Apr 6 12:25:00 2006 syslog.txt.2
10055850 Thu Apr 6 12:25:00 2006 syslog.txt.3
10049181 Thu Apr 6 12:25:00 2006 syslog.txt.4
4096 Thu Feb 16 12:29:30 2006 <DIR> var
508 Sat Feb 25 13:18:35 2006 wdd.sh.signed
The following example shows how to display the detailed information for only the logs directory:
Related Commands
disable
To turn off privileged EXEC commands, use the disable EXEC command.
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Use the WAAS software CLI EXEC mode for setting, viewing, and testing system operations. This command mode is divided into two access levels, user and privileged. To access privileged-level EXEC mode, enter the enable EXEC command at the user access level prompt and specify the admin password when prompted for a password.
The disable command places you in the user-level EXEC shell (notice the prompt change).
Examples
The following example shows how to enter the user-level EXEC mode from the privileged EXEC mode:
Related Commands
disk
To configure disks on a WAAS device, use the disk EXEC command.
disk delete-partitions diskname
disk disk-name diskxx enable force
disk disk-name disk xx replace
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
- The WAAS software supports hot-swap functionality for both failed disk replacement and scheduled disk maintenance. On the WAE-612, use the disk disk-name diskxx shutdown global configuration command to shut down a disk for scheduled disk maintenance. (For the scheduled disk maintenance procedure, see the chapter “Maintaining Your WAAS System” in the Cisco Wide Area Application Services Configuration Guide.)
– The disk hot-swap functionality automatically disables a failed disk if the system detects one critical disk alarm. The software removes the failed disk automatically regardless of the setting for disk error-handling.
– For WAE-612 models, when you replace a failed disk that was automatically disabled by the software, use the disk insert EXEC command to bring the disk back into service. For all other models, see the (config) disk disk-name command section.
- To identify which disks have been identified as failed or bad, use the show disks failed-disk-id EXEC command. Do not reinsert any disk with a serial number shown in this list.
- Use the disk delete-partitions EXEC command to remove all disk partitions on a single disk drive on a WAAS device or to remove the disk partition on the logical drive for RAID-5 systems.
– The disk delete-data-partitions command deletes the DRE caches.
– After using the disk delete-data-partitions command, you must reload the device.
Note After using the disk delete-data-partitions command, you must reload the device with a cold boot. If you reload the device with a warm boot, all data is not cleared, which may prevent the device from establishing connections.
The data partitions are automatically re-created and the caches are initialized, which can take several minutes. DRE optimization is not done until the DRE cache has finished initializing. The show statistics dre EXEC command reports “TFO: Initializing disk cache” until then. It is best not to interrupt DRE cache initialization by reloading the device again until after cache initialization has finished. However, if DRE cache initialization is interrupted, on the next reboot the disk is checked, which takes extra time, and DRE initialization is completed again.
- When you upgrade to software version 6.1.1, and execute disk-delete-preserve-software command for the first time, all data and system partitions are re-created.
– Use the disk delete-preserve-software command if you want to delete all existing data and system partitions, and yet want to preserve the software version and the device registration details with the Central Manager. This changes the software store partition size from 1 GB to 2GB. This command is applicable for all vWAAS devices, ISR WAAS devices and SM-SRE devices.
Examples
The following example shows how to recreate the RAID-5 array:
Related Commands
dnslookup
To resolve a host or domain name to an IP address(IPv4/IPv6), use the dnslookup EXEC command.
dnslookup { hostname | domainname| IPv4/IPv6 address }
Syntax Description
Defaults
Command Modes
Device Modes
Examples
The following example shows how the dnslookup command is used to resolve the hostname myhost to IP address172.31.69.11
The following example shows how the dnslookup command is used to resolve the hostname abd.com to IP address 192.168.219.25:
The following example shows how the dnslookup command is used to resolve an IP address used as a hostname to 10.0.11.0:
The following example shows how the dnslookup command is used to resolve an IP address to a hostname:
enable
To access privileged EXEC commands, use the enable EXEC command.
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Use the WAAS software CLI EXEC mode for setting, viewing, and testing system operations. This command mode is divided into two access levels: user and privileged. To access privileged-level EXEC mode, enter the enable EXEC command at the user access level prompt and specify the admin password when prompted for a password.
If using TACACS+ authentication, there is an enable password feature in TACACS+ that allows an administrator to define a different enable password for each user. If a TACACS+ user enters the enable EXEC command to access privileged EXEC mode, that user must enter the admin password defined by the TACACS+ server.
The disable command takes you from privileged EXEC mode to user EXEC mode.
Examples
The following example shows how to access privileged EXEC mode:
Related Commands
exit
To terminate privileged-level EXEC mode and return to the user-level EXEC mode, use the exit command.
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
The exit EXEC command is equivalent to pressing Ctrl-Z or entering the end command. Entering the exit command in the user level EXEC shell terminates the console or Telnet session.
Examples
The following example shows how to terminate privileged-level EXEC mode and return to the user-level EXEC mode:
Related Commands
find-pattern
To search for a particular pattern in a file, use the find-pattern command in EXEC mode.
find-pattern {binary reg-express filename | count reg-express filename | lineno reg-express filename | match reg-express filename | nomatch reg-express filename | recursive reg-express filename }
find-pattern case { binary reg-express filename | count reg-express filename | lineno reg-express filename | match reg-express filename | nomatch reg-express filename | recursive reg-express filename }
Syntax Description
Defaults
Command Modes
Device Modes
Examples
The following example shows how to search a file recursively for a case-sensitive pattern:
The following example shows how to search a file for a pattern and print the matching lines:
The following example shows how to search a file for a pattern and print the number of matching lines:
Related Commands
help
To obtain online help for the command-line interface, use the help EXEC command.
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
You can obtain help at any point in a command by entering a question mark (?). If nothing matches, the help list will be empty, and you must back up until entering a ? shows the available options.
Examples
The following example shows how to display the output of the help EXEC command:
Related Commands
install
To install a new software image (such as the WAAS software) on the WAAS device, use the install EXEC command.
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
The install command loads the system image into flash memory and copies the disk-based software component to the software file system (swfs) partition. This command can also be used to install a BIOS or other firmware update by specifying the appropriate update file.
Note If you are installing a system image that contains optional software, make sure that an SWFS partition is mounted.
To install a system image, copy the image file to the SYSFS directory local1. Before executing the install command, change the present working directory to the directory where the system image resides. When the install command is executed, the image file is expanded. The expanded files overwrite the existing files on the WAAS device. The newly installed version takes effect after the system image is reloaded.
Note The install command does not accept.pax files. Files should be of the type.bin (for example, cache-sw.bin). Also, if the release being installed does not require a new system image, then it may not be necessary to write to flash memory. If the newer version has changes that require a new system image to be installed, then the install command may result in a write to flash memory.
Close your browser and restart the browser session to the WAAS Central Manager, if you installed a new software image to the primary WAAS Central Manager.
Examples
The following example shows how to load the system image contained in the wae512-cache-300.bin file:
Related Commands
less
To display a file using the Less application, use the less EXEC command.
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Less is a pager application that displays text files one page at a time. You can use Less to view the contents of a file, but not edit it. Less offers some additional features when compared to conventional text file viewer applications such as Type. These features include the following:
- Backward movement—Allows you to move backward in the displayed text. Use k, Ctrl-k, y, or Ctrl-y to move backward. See the summary of Less commands for more details; to view the summary, press h or H while displaying a file in Less.
- Searching and highlighting—Allows you to search for text in the file that you are viewing. You can search forward and backward. Less highlights the text that matches your search to make it easy to see where the match is.
- Multiple file support—Allows you to switch between different files, remembering your position in each file. You can also do a search that spans all the files you are working with.
Examples
The following example shows how to display the text of the syslog.txt file using the Less application:
Related Commands
license add
To add a software license to a device, use the license add EXEC command.
Syntax Description
Name of the software license to add. The following license names are supported: |
Defaults
Command Modes
Device Modes
Examples
The following example shows how to install the enterprise license:
Related Commands
clear arp-cache license
lls
To view a long list of directory names, use the lls EXEC command.
Syntax Description
(Optional) Name of the directory for which you want a long list of files. |
Defaults
Command Modes
Device Modes
Usage Guidelines
The lls command provides detailed information about files and subdirectories stored in the present working directory (including the size, date, time of creation, SYSFS name, and long name of the file). This information can also be viewed with the dir command.
Examples
The following example shows how to display a detailed list of the files in the current directory:
-------------- ------------------------- -----------
4096 Fri Feb 24 14:40:00 2006 <DIR> actona
4096 Tue Mar 28 14:42:44 2006 <DIR> core_dir
4096 Wed Apr 12 20:23:10 2006 <DIR> crash
4506 Tue Apr 11 13:52:45 2006 dbupgrade.log
4096 Tue Apr 4 22:50:11 2006 <DIR> downgrade
4096 Sun Apr 16 09:01:56 2006 <DIR> errorlog
4096 Wed Apr 12 20:23:41 2006 <DIR> logs
16384 Thu Feb 16 12:25:29 2006 <DIR> lost+found
4096 Wed Apr 12 03:26:02 2006 <DIR> sa
24576 Sun Apr 16 23:54:30 2006 <DIR> service_logs
4096 Thu Feb 16 12:26:09 2006 <DIR> spool
9951236 Sun Apr 16 23:54:20 2006 syslog.txt
10026298 Thu Apr 6 12:25:00 2006 syslog.txt.1
4096 Thu Feb 16 12:29:30 2006 <DIR> var
508 Sat Feb 25 13:18:35 2006 wdd.sh.signed
Related Commands
ls
To view a list of files or subdirectory names within a directory on the device hard disk, use the ls EXEC command.
Syntax Description
(Optional) Name of the directory for which you want a list of files. |
Defaults
Command Modes
Device Modes
Usage Guidelines
Use the ls directory command to list the filenames and subdirectories within a particular directory.
Use the ls command to list the filenames and subdirectories of the current working directory.
Examples
The following example shows how to display the files and subdirectories that are listed within the root directory:
actona
core_dir
crash
dbupgrade.log
downgrade
errorlog
logs
lost+found
sa
service_logs
spool
syslog.txt
syslog.txt.1
var
wdd.sh.signed
Related Commands
lsusb
To view a list of files or subdirectory names within a directory on a USB storage device, use the lsusb EXEC command.
Syntax Description
(Optional) Name of the directory for which you want a list of files. |
Defaults
Command Modes
Device Modes
Usage Guidelines
Use the lsusb directory command to list the filenames and subdirectories within a particular directory on the USB device.
Use the lsusb command to list the filenames and subdirectories of the current working directory on the USB device.
This command is available only on WAAS devices that support external USB storage devices.
Examples
The following example shows how to display the files and subdirectories that are listed within the root directory of a USB device:
directory1
afile.txt
Related Commands
mkdir
To create a directory, use the mkdir EXEC command.
Syntax Description
Defaults
Command Modes
Device Modes
Examples
The following example shows how to create a new directory, oldpaxfiles :
Related Commands
mkfile
To create a new file, use the mkfile EXEC command.
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Use the mkfile EXEC command to create a new file in any directory of the WAAS device.
Examples
The following example shows how to create a new file, traceinfo, in the root directory:
Related Commands
monitor appnav-controller traffic
To enable traffic monitoring on an AppNav Controller Interface Module, use the monitor appnav-controller traffic EXEC command.
monitor appnav-controller traffic { access-list acl-name | disable }
Syntax Description
Name of the access list that determines which flows are monitored. |
|
Defaults
Command Modes
Device Modes
Usage Guidelines
Use this command to enable the AppNav Controller Interface Module to supply monitoring statistics for traffic flows that match the specified ACL. The ACL must be defined by the ip access-list global configuration command.
The ACL specified in this command is shared by the packet-capture and debug appnav-controller commands.
Use the show statistics monitor appnav-controller traffic EXEC command to display the monitoring statistics.
Use the show monitor EXEC command to display the status of traffic monitoring.
Examples
The following example shows how to enable traffic monitoring with an ACL:
Related Commands
ntpdate
To set the software clock (time and date) on a WAAS device using an NTP server, use the ntpdate EXEC command.
ntpdate { hostname | ip-address } [ key { authentication-key }]
Syntax Description
(Optional) Specifies to use authentication with the NTP server. |
|
Authentication key string to use with the NTP server authentication. This value must be between 0 and 4294967295. |
Defaults
Command Modes
Device Modes
Usage Guidelines
Use the ntpdate command to find the current time of day and set the current time on the WAAS device to match. You must save the time to the hardware clock using the clock save command if you want to restore the time after a reload.
Examples
The following example shows how to set the software clock on the WAAS device using a NTP server:
Related Commands
packet-capture
To capture packets on a device interface, use the packet-capture EXEC command.
packet-capture all-interfaces { access-list { acl-name | acl-num } | destination-ip { hostname | ip-address } | destination-port port | source-ip { hostname | ip-address } | source-port port } [ file-size size [ number-of-files num | stop-after-num-files num ] ] | packet-size | non-encapsulated | [ capture-filename ]
packet-capture appnav-controller { access-list { acl-name | acl-num } | interface { GigabitEthernet slot/port | TenGigabitEthernet slot/port | PortChannel index | standby grpnumber } access-list { acl-name | acl-num }} [ file-size size [ number-of-files num | stop-after-num-files num ] ] | packet-size | non-encapsulated | [ capture-filename ]
packet-capture interface { GigabitEthernet slot/port | TenGigabitEthernet slot/port | PortChannel index | standby grpnumber } | virtual slot/port | { access-list { acl-name | acl-num } | destination-ip { hostname | ip-address } | destination-port port | source-ip { hostname | ip-address } | source-port port } [ file-size size [ number-of-files num | stop-after-num-files num ] ] | packet-size | non-encapsulated | [ capture-filename ]
packet-capture decode [ destination-ip { hostname | ip-address } | destination-port port | source-ip { hostname | ip-address } | source-port port ] [ file-size size [ number-of-files num | stop-after-num-files num ] ] | packet-size | non-encapsulated | [ capture-filename ]
packet-capture stop [file-size size [number-of-files num | stop-after-num-files num] ] | packet-size | nonencapsulated [ capture-filename ]
Syntax Description
Defaults
Command Modes
Device Modes
Note the following device mode usage for the packet-capture command:
– Used with packet-capture all-interfaces, packet-capture interface, packet-capture decode, and packet-capture stop.
– Used with packet-capture all-interfaces, packet-capture interface, packet-capture appnav-controller, packet-capture decode, and packet-capture stop.
– Used with packet-capture all-interfaces, packet-capture interface, packet-capture decode, and packet-capture stop.
Usage Guidelines
The following are usage guidelines for the packet-capture command:
The packet-capture command is preferred over the deprecated commands tcpdump and tethereal, and is required to capture data plane traffic on an AppNav Controller Interface Module interface.
Examples
The following example shows how to capture packets on a general interface:
The following example shows how to capture packets on all interfaces on an AppNav Controller Interface Module:
Related Commands
ping
To send echo packets for diagnosing basic network connectivity on networks, use the ping EXEC command.
ping [ management ] { hostname | ip-address }
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
To use the ping command with the hostname argument, make sure that DNS functionality is configured on the WAAS device. To force the timeout of a nonresponsive host, or to eliminate a loop cycle, press Ctrl-C.
Examples
The following example shows how to send echo packets to a machine with address 172.19.131.189 to verify its availability on the network:
Related Commands
ping6
To send echo packets for diagnosing basic network connectivity on IPv6 networks, use the ping6 EXEC command.
ping6 { hostname | ip-address }[ management ]
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
To use the ping6 command with the hostname argument, make sure that DNS functionality is configured on the WAAS device. To force the timeout of a nonresponsive host, or to eliminate a loop cycle, press Ctrl-C.
When you use a device’s management interface to establish connectivity to another device, using ping6 command, and the management interface goes down, the communication will still succeed if the address of the end device is reachable from any other interface.
Examples
The following example shows how to send echo packets to a machine with address 2013:1:1:10::5
to verify its availability on the network:
Related Commands
pwd
To view the present working directory on a WAAS device, use the pwd EXEC command.
Syntax Description
Defaults
Command Modes
Device Modes
Examples
The following example shows how to display the current working directory:
Related Commands
reload
To halt the operation and perform a cold restart on a WAAS device, use the reload EXEC command.
reload [ force | in m | cancel ]
Syntax Description
(Optional) Schedules a reboot after a specified interval (1-10080 minutes). |
|
Defaults
Command Modes
Device Modes
Usage Guidelines
To reboot a WAAS device, use the reload command. If no configurations are saved to flash memory, you are prompted to enter configuration parameters upon a restart. Any open connections are dropped after you enter the reload command, and the file system is reformatted upon restart.
The reload command can include the option to schedule a reload of the software to take effect in a specified number of minutes. After entering this command, you are asked to confirm the reload by typing y and then confirm WCCP shutdown by typing y again (if WCCP is active).
Examples
The following example shows how to halt the operation of the WAAS device and reboot with the configuration saved in flash memory. You are not prompted for confirmations during the process.
Related Commands
rename
To rename a file on a WAAS device, use the rename EXEC command.
rename oldfilename newfilename
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Use the rename command to rename any SYSFS file without making a copy of the file.
Examples
The following example shows how to rename the errlog.txt file to old_errlog.txt :
Related Commands
restore
To restore the device to its manufactured default status by removing the user data from the disk and flash memory, use the restore EXEC command.
restore { factory-default [ preserve basic-config ] | rollback }
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Use the restore EXEC command to restore data on a disk and in flash memory to the factory default, while preserving particular time-stamp evaluation data, or to roll back the configuration to the last functional data and device configuration.
This command erases all existing content on the device; however, your network settings are preserved and the device is accessible through a Telnet and Secure Shell (SSH) session after it reboots.
Backing up the Central Manager Database
Before you use the restore factory-default command on your primary WAAS Central Manager or change over from the primary to a standby WAAS Central Manager, make sure that you back up the WAAS Central Manager database and copy the backup file to a safe location that is separate from the WAAS Central Manager. You must halt the operation of the WAAS Central Manager before you enter the backup and restore commands.
By removing the WAAS Central Manager database, all configuration records for the entire WAAS network are deleted. If you do not have a valid backup file or a standby WAAS Central Manager, you must reregister every WAE with the WAAS Central Manager because all previously configured data is lost.
If you used your standby WAAS Central Manager to store the database while you reconfigured the primary, you can register the former primary as a new standby WAAS Central Manager.
If you created a backup file while you configured the primary WAAS Central Manager, you can copy the backup file to this newly reconfigured WAAS Central Manager.
Rolling Back the Configuration
You can roll back the software and configuration of a WAAS device to a previous version using the restore rollback command. You would roll back the software only in cases in which a newly installed version of the WAAS software is not functioning properly.
The restore rollback command installs the last saved WAAS.bin image on the system disk. A WAAS.bin image is created during software installation and stored on the system disk. If the WAAS device does not have a saved version, the software is not rolled back.
Note WAFS to WAAS migration is supported. Rollback from WAAS to WAFS is not supported.
Examples
The following examples show how to use the restore factory-default and restore factory-default preserve basic-config commands. Because configuration parameters and data are lost, prompts are given before initiating the restore operation to ensure that you want to proceed.
[yes/no]
[yes/no]
Note You can enter basic configuration parameters (such as the IP address, hostname, and name server) at this point, or you can enter these parameters later through entries in the command-line interface.
The following example shows how to verify that the restore command has removed data from the SYSFS, WAAS, and PRINTSPOOLFS partitioned file systems:
The following example shows how to upgrade or restore an older version of the WAAS software. In the example, version Y of the software is installed (using the copy command), but the administrator has not switched over to it yet, so the current version is still version X. The system is then reloaded (using the reload command), and it verifies that version Y is the current version running.
The following example shows how to roll back the software to version X (using the restore rollback command), and reload the software:
Because flash memory configurations were removed after the restore command was used, the show startup-config command does not return any flash memory data. The show running-config command returns the default running configurations.
Related Commands
rmdir
To delete a directory on a WAAS device, use the rmdir EXEC command.
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Use the rmdir EXEC command to remove any directory from the WAAS file system. The rmdir command only removes empty directories.
Examples
The following example shows how to delete the oldfiles directory from the local1 directory:
Related Commands
scp
To copy files between network hosts, use the scp command.
scp [ 4 ][ 6 ][ B ][ C ][ p ][ q ][ r ][ v ] [ c cipher ] [ F config-file ] [ i id-file ] [ o ssh_option ] [ P port ] [ S program ]
[[ user @ ] host : file ] [... ] [[ user-n @ ] host-n : file-n ]
Syntax Description
Command Modes
Device Modes
Usage Guidelines
The scp command uses SSH for transferring data between hosts.This command is enabled by default.
This command prompts you for passwords or pass phrases when needed for authentication.
Related Commands
script
To execute a script provided by Cisco or check the script for errors, use the script EXEC command.
script { check | execute } file_name
Syntax Description
Executes the script. The script file must be a SYSFS file in the current directory. |
|
Defaults
Command Modes
Device Modes
Usage Guidelines
The script EXEC command opens the script utility, which allows you to execute Cisco-supplied scripts or check errors in those scripts. The script utility can read standard terminal input from the user if the script you run requires input from the user.
Note The script utility is designed to run only Cisco-supplied scripts. You cannot execute script files that lack Cisco signatures or that have been corrupted or modified.
Examples
The following example shows how to check for errors in the script file test_script.pl :
setup
To configure basic configuration settings (general settings, device network settings, interception type, disk configuration, and licenses) on the WAAS device or to complete basic configuration after upgrading to the WAAS software, use the setup EXEC command.
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
For instructions on using the setup command, see the Cisco Wide Area Application Services Quick Configuration Guide.
For proper display of the setup command, leave the terminal length set to the default value of 24 lines.
show aaa accounting
To display the AAA accounting configuration information for a WAAS device, use the show aaa accounting EXEC command.
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Use the show aaa accounting EXEC command to display configuration information for the following AAA accounting types:
Examples
Table 3-1 describes the fields shown in the show aaa accounting command display.
Related Commands
show aaa authorization
To display the AAA authorization configuration information for a WAAS device, use the show aaa authorization EXEC command.
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Use the show aaa authorizaiton EXEC command to display configuration and state information related to AAA authorization.
Examples
Table 3-2 describes the fields shown in the show aaa authorization command display.
|
|
---|---|
AAA authorization configuration for the following types of user accounts: |
|
Related Commands
show accelerator
To display the status and configuration of the application accelerators, use the show accelerator EXEC command.
show accelerator [ detail | epm | http [ debug ]| ica | interposer-ssl | mapi | smb | ssl | wansecure ]
Syntax Description
Defaults
Command Modes
Device Modes
Examples
The following example displays the output for the show accelerator http command:
Table 3-3 describes the fields shown in the show accelerator command display for all application accelerators. Specific application accelerators display additional configuration status information.
If you use the show accelerator http or the show accelerator smb command, the output contains an extra section called Accelerator Config Item, which appears before the Policy Engine Config Item section. In the Accelerator Config Item section, each item shows the status of an HTTP accelerator configuration item. The Mode column shows Default if the item is configured with the default setting or User if the item is configured with a different setting by the user. The Value column shows the current value of the item (Enabled, Disabled, or an alpha-numeric setting).
Related Commands
show accelerator http object-cache
To display HTTP object cache configuration and status information for a WAAS device, use the show accelerator http object-cache EXEC command.
show accelerator http object-cache
Syntax Description
Command Default
Command Modes
Device Modes Default
Usage Guidelines
Use the show accelerator http object-cache command to display HTTP object cache configuration and status information for a WAAS device.
Examples
The following example shows output from the show accelerator http object-cache command:
-------------------------------
Related Commands
show alarms
To display information about various types of alarms, their status, and history on a WAAS device, use the show alarms EXEC command.
show alarms critical [ detail [ support ]]
show alarms detail [ support ]
show alarms history [ start_num [ end_num [ detail [ support ]]]] | critical [ start_num [ end_num [ detail [ support ]]]]
show alarms major [ start_num [ end_num [ detail [ support ]]]]
show alarms minor [ start_num [ end_num [ detail [ support ]]]]
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
The Node Health Manager in the WAAS software enables WAAS applications to raise alarms to draw attention in error/significant conditions. The Node Health Manager, which is the data repository for such alarms, aggregates the health and alarm information for the applications, services, and resources (for example, disk drives) that are being monitored on the WAAS device. For example, this feature gives you a mechanism to determine if a WAE is receiving overwhelming number of alarms. These alarms are referred to as WAAS software alarms.
The WAAS software uses SNMP to report error conditions by generating SNMP traps. The following WAAS applications can generate a WAAS software alarm:
The three levels of alarms in the WAAS software are as follows:
- Critical—Alarms that affect the existing traffic through the WAE and are considered fatal (the WAE cannot recover and continue to process traffic).
- Major—Alarms that indicate a major service (for example, the cache service) has been damaged or lost. Urgent action is necessary to restore this service. However, other node components are fully functional and the existing service should be minimally impacted.
- Minor—Alarms that indicate that a condition that will not affect a service has occurred, but that corrective action is required to prevent a serious fault from occurring.
You can configure alarms using the snmp-server enable traps alarms global configuration command.
Use the show alarms critical EXEC command to display the current critical alarms being generated by WAAS software applications. Use the show alarms critical detail EXEC command to display additional details for each of the critical alarms being generated. Use the show alarms critical detail support EXEC command to display an explanation about the condition that triggered the alarm and how you can find out the cause of the problem. Similarly, you can use the show alarms major and show alarms minor EXEC commands to display the details of major and minor alarms.
Use the show alarms history EXEC command to display a history of alarms that have been raised and cleared by the WAAS software on the WAAS device since the last software reload. The WAAS software retains the last 100 alarm raise and clear events only.
Use the show alarms status EXEC command to display the status of current alarms and the alarm overload status of the WAAS device and alarm overload configuration.
Examples
Table 3-4 describes the fields shown in the show alarms history command display.
Table 3-5 describes the fields shown in the show alarms status command display.
Related Commands
show appnav-controller flow-distribution
To display ANC flow distribution information, use the show appnav-controller flow-distribution EXEC command.
show appnav-controller flow-distribution [ client-ip ip_address | client-port port | peer-id peer_id | server-ip ip_address | server-port port ]
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
This command can be used to determine how a flow would be classified and redirected.
Examples
The following is sample output from the show appnav-controller flow-distribution command that shows how a flow would be redirected:
Related Commands
show arp
To display the Address Resolution Protocol (ARP) table for a WAAS device, use the show arp EXEC command.
Syntax Description
Defaults
Command Modes
Device Modes
Usage Guidelines
Use the show arp command to display the Internet-to-Ethernet address translation tables of the Address Resolution Protocol. Without flags, the current ARP entry for the host name is displayed.
On an ISR-WAAS device, no ARP entries are present for IP addresses on the same subnet as the ISR-WAAS device; there is an entry only for the defined gateway.
The ARP cache is cleared based on the gc_stale_time; the default time is 60 seconds.
Cache entry states, described in Table 3-6, function as follows:
1. An entry in the ARP table with a Reachable state is moved to the Stale state after the ReachableTime is exceeded, or an UnsolicitedNeighbor advertisement is received.
2. After an entry in the ARP table is moved to the Stale state, it sends an ARP request and is moved to the Delay state. It remains in the Delay state until it receives an acknowledgment.
3. Depending on the next action, the entry is then moved to the Reachable state or the Probe state:
– If the entry receives an acknowledgment on time, it is moved to the Reachable state.
– If the entry does not receive an acknowledgment on time, it is moved to the Probe state.
Examples
Table 3-6 describes the fields shown in the show arp command display.
show authentication
To display the authentication configuration for a WAAS device, use the show authentication EXEC command.
show authentication { user | strict-password-policy}
Syntax Descriptions
Displays authentication configuration for user login to the system. |
|