The syslog facility
allows the device to send a copy of the message log to a host for more
permanent storage. This feature allows you to examine the logs over a long
period of time or if the device is not accessible.
This example shows
how to configure the device to use the syslog facility on a Solaris platform.
Although a Solaris host is being used, the syslog configuration on all UNIX and
Linux systems is very similar.
Syslog uses the
facility to determine how to handle a message on the syslog server (the Solaris
system in this example) and the message severity. Different message severities
are handled differently by the syslog server. They could be logged to different
files or e-mailed to a particular user. Specifying a severity level on the
syslog server determines that all messages of that level and greater severity
(lower number) will be acted upon as you configure the syslog server.
configure the syslog server so that the
messages are logged to a different file from the standard syslog file so that
they cannot be confused with other non-Cisco syslog messages. Do not locate the
logfile on the / file system. You do not want log messages to fill up the /
file system. This example uses the following values:
syslog facility: local1
severity: notifications (level 5, the default)
File to log
messages to: /var/adm/nxos_logs
To configure the
syslog feature on
follow these steps:
logging server 192.0.2.1 6
server command to
verify the syslog configuration.
switch1# show logging server
Logging server: enabled
server severity: notifications
server facility: local1
server VRF: management
To configure a
syslog server, follow these steps:
/etc/syslog.conf to handle local1 messages. For Solaris, you must allow at
least one tab between the facility.severity and the action
Create the log
syslog service starting.
Verify that the
syslog process has started.
ps -ef |grep syslogd
Test the syslog
server by creating an event in
In this case, port e1/2 was shut down and reenabled, and the following was
listed on the syslog server. The IP address of the device is listed in
tail -f /var/adm/MDS_logs
Sep 17 11:07:41 [172.22.36.142.2.2] : 2013 Sep 17 11:17:29 pacific: PORT-5-IF_DOWN_INITIALIZING: %$VLAN 1%$ Interface e 1/2 is down (Initializing)
Sep 17 11:07:49 [172.22.36.142.2.2] : 2013 Sep 17 11:17:36 pacific: %PORT-5-IF_UP: %$VLAN 1%$ Interface e 1/2 is up in mode access
Sep 17 11:07:51 [172.22.36.142.2.2] : 2013 Sep 17 11:17:39 pacific: %VSHD-5-VSHD_SYSLOG_CONFIG_I: Configuring console from pts/0 (dhcp-171-71-49-125.cisco.com