The nxoslogfinder tool finds event logs inside a `show tech-support` (including feature show techs) output or any output of an NXOS command from a Nexus platform within a time range (between a start timestamp and an end timestamp) and provides the event logs found in two different reports:
NXOS Log Report
Chronological NXOS Log Report
The timestamp range may include Year, Month, Day and Time (including microseconds).
Keyword Search for Well-Known Patterns Logs with known keywords such as 'FSM' or 'Module' are added to the NXOS Log Report for better readability
Merged Chronological report
If the merge_chono option is checked the script will merge the chronological reports from all files found in the archive. Every command found will have the hostname of the Nexus switch prepended to it.
Supported files: show tech-support and non-show tech-support outputs
Supported formats: gz, tar, tgz, rar, zip, txt
Supports Complete or Partial NXOS commands (like 'sh ver')
Recognizes most event logs from all Nexus platforms
Optionally the user can specify how many event logs per show command are to be captured and how many context lines per event log will be saved.
A hyperlink to download the NXOS Log Report.
A hyperlink to download the Chronological NXOS Log Report
A hyperlink to download the Merged Chronological NXOS Log Report (if checked)
On-screen view of the NXOS Log Reports
NXOS Log Reports
Both types of NXOS Log Reports include the following:
NXOS Command under which the event logs with a timestamp within the specified time range were found
Event Logs with a timestamp in specified time range
Context Log lines (before and after each event log with a timestamp in specified time range)
The Chronological NXOS Log Report is the same NXOS Log Report but in chronological order and it includes a normalized timestamp for each log found.
Find all event logs that occurred around the time of hardware failures of the following events that occurred on a Nexus switch including:
A crash, reset or failure of a Supervisor, Linecard Module, Fabric Module, PSU, Fan and any other component reporting event logs to the Nexus sysmgr. This is particularly useful when it is important to determine if there is a hardware or a software failure at hand.
A restart, crash or panic of a NXOS Process:
Find all event logs around the time of a network outage in order to find an RCA for a problem. The investigation usually starts with a timestamp for events like the start of a Spanning-tree loop, a drop of an interface, drop/flap of a protocol (routing protocol, HSRP).
The nxoslogfinder tool allows the user to merge the logs found from various files in an archive (tar, gz, zip, 7z) which may belong to different Nexus switches involved in an outage.
The Chronological NXOS Log Report can be used to correlate the events from the different NXOS components. This feature is specially useful when understanding the sequence of events is critical.
Although `show tech-support` files provide valuable information for diagnosing a failure, it is known the size could range from a few MB to hundreds of MB and may approach or even exceed 1GB for a fully loaded Nexus 7000 or Nexus 9500. Therefore, reviewing these files manually by using the search features in Notepad or TextWrangler or using grep in Unix/Linux for finding patterns is a time consuming task.
The nxoslogfinder tool makes it easy and fast to correlate event logs from multiple `show tech` and from multiple Nexus platforms.
The chronological order of the event logs can be generated facilitating the analysis when the sequence of events is important
The nxoslogfinder can be used to filter and find logs within show tech-support and also non-show tech-support outputs from any Nexus Platforms used in the Data Center including: Nexus 3000, Nexus 5000, Nexus 5600/Nexus 6000, Nexus 7000 and Nexus 9000.
Ryan Bolenbaugh - High Touch Engineer, FTS
Nikolay Karpyshev - Customer Support Engineer, TAC
Alejandro Eguiarte - Technical Leader, Services.
When using the nxoslogfinder tool on CCO or the development site the following would be the minimum necessary to parse a file:
Provide a file with the `show tech-support` output or a file with miscellaneous NXOS commands
Enter the desired Start and End Timestamps
The rest of the parameters are optional:
Maximum Number of Timestamp Logs. The default is 5 log lines with a timestamp.
Maximum Number of Context Logs Before TS. The default is 2 log lines before a timestamp within the specified range.
Maximum Number of Context Logs After TS. The default is 5 log lines after a timestamp within the specified range.
Keywords. List of relevant characters to find. The default is none.
Merge Chrono. If enabled, the tool will generate a Chronological NXOS Log Report merging all Timestamp Logs found from all Nexus switches detected.
Here is a sample output of the tool after parsing is completed:
Your feedback is valuable to help us improve the tool. Please do not hesitate in adding a comment using the icon in the upper right corner of this page.
Hi, I am struggling with the setup of the WLC 9800 on a Catalyst 9300 Switch. I would like to configure it from DNA Center but I think DNA Center is not aware that I have one.Here is the output from my switch Next reload AIR license Level: AIR DNA Ad...
Hi all, I’ve been reading up and SPAN and the use of aggregator taps and full duplex taps. I feel i have a better understanding of each, but i still have a question that cannot seem find the answer to, hopefully somebody will know the answer to...
Dear All , I am doing my thesis on Segment Routing and trying to show the benefits of SR by using GNS3 and building a network and implementing SR and testing some use cases I'd need your help and suggestions the network is as shown below &n...
Hi All and thanks for any clues or solutions. First Issue My VPN setup seems to work ( Connects fine to my Iphone and Ipad) even with some issues in the log !! ?? Should I just ignore those ?? %CRYPTO-6-IKMP_MODE_FAILUR...
Hi, I'm testing a dual cloud dmvpn as a backup for mpls. Dmvpn using ibgp and mpls using ebgp between hub and spokes. Each Cloud has single hub and these two hubs sharing same DC LAN Network subnet and using eigrp in DC.Each huB has one mpls li...