Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
884
Views
0
Helpful
0
Replies

NX-OS / logging debug to syslog

stuartkendrick
Level 1
Level 1

‎11-06-2015 10:11 AM

My NX-OS boxes are sending level 6 messages to syslog ... but not level 7 messages.

What am I missing?

NXOS 7.0(3)I2(1)

==> I have configured logging level 7 for CDP, as my test case

dc-101-esx# show logging level cdp
Facility        Default Severity        Current Session Severity
--------        ----------------        ------------------------
cdp                     2                       7

0(emergencies)          1(alerts)       2(critical)
3(errors)               4(warnings)     5(notifications)
6(information)          7(debugging)

dc-101-esx#

I'm logging locally to a file:

dc-101-esx# show debug
Output forwarded to file cdp-debug.txt (size: 4194304 bytes)
Debug level is set to Detail

CDP Daemon:
 MTS Receive Packets debugging is on
 MTS Transmit Packets debugging is on
 MTS Receive Packet header/payload debugging is on
 MTS Transmit Packet header/payload debugging is on
 MTS events debugging is on
 Packet events debugging is on
 PSS events debugging is on
 All errors debugging is on
 Traces debugging is on
 Trace details debugging is on
 Objstore events debugging is on
Debug level is set to Minor(1)

L2RIB Enabled Debugs:
 default for new sessions logging level: 3

dc-101-esx#

Which is growing in size:

dc-101-esx# dir log:
      23911    Nov 06 17:56:39 2015  cdp-debug.txt
         31    Nov 03 15:30:38 2015  dmesg

[...]

dc-101-esx# dir log:
      47760    Nov 06 17:58:01 2015  cdp-debug.txt

 

I've configured a syslog server to receive messages at severity debug:

dc-101-esx# show logging server
{10.71.72.11}
        server severity:        debugging
        server facility:        local7
        server VRF:             management
        server port:            514
dc-101-esx#

Which is accumulating messages at severity 6 ...

2015-11-06T09:52:07.557122-08:00 dc-101-esx : 2015 Nov  6 17:52:07.546 UTC: %AAA
-6-AAA_ACCOUNTING_MESSAGE: update:10.71.72.11@pts/0:stuart:dir log:/ (SUCCESS)
2015-11-06T09:52:29.572541-08:00 dc-101-esx : 2015 Nov  6 17:52:29.561 UTC: %AAA
-6-AAA_ACCOUNTING_MESSAGE: update:10.71.72.11@pts/0:stuart:dir (SUCCESS)

[...]

2015-11-06T10:07:47.739614-08:00 dc-101-esx : 2015 Nov  6 18:07:47.730 UTC: %NTP
-6-NTP_SYSLOG_LOGGING: : Synchronizing to 10.81.0.5, stratum 3

stuart@vishnu:/var/log$ grep dc-101-esx syslog | grep "\-6\-" | wc -l
52
stuart@vishnu:/var/log$

But not seeing any messages at severity level 7:

stuart@vishnu:/var/log$ grep dc-101-esx syslog | grep "\-7\-" | wc -l
0
stuart@vishnu:

For grins, I added:

dc-101-esx# show logging level local7
Facility        Default Severity        Current Session Severity
--------        ----------------        ------------------------
local7                  3                       7

0(emergencies)          1(alerts)       2(critical)
3(errors)               4(warnings)     5(notifications)
6(information)          7(debugging)
dc-101-esx#

But I don't think that would be necessary ... and it didn't make any difference anyway.

I have an ethanalyzer pcap (ethanalyer local interface mgmt limit-captured-frames 0 write bootflash:2015-11-06-0930-dc-101-esx-mgmt.pcap) which shows syslog messages sent to my syslog host ... but only severity 6 and lower:  no severity level 7 messages.

1 person had this problem
Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents