05-04-2009 12:40 PM - edited 03-21-2019 09:15 AM
I'm evaluating the PAP2T-NA and desire to capture syslog and debug messages on a syslog server. I'm not able to see how to set the facility code (i.e. local6) on the ATA. Is this a preconfigured code on this device? If so, what is it?
I do see messages on my server, but would like to direct them to a specific log file for the PAP2T-NA. I tried pointing the messages temporarily to a XP box with Wireshark, but can not see any of the facility or priority information either by inspection of the capture or by applying the Wireshark filters that supposedly do this extraction. Recorded messages on the syslog server do not show this info either.
Thanks,
Roger
05-04-2009 02:29 PM
Hi Roger,
This document should get you going: https://www.myciscocommunity.com/docs/DOC-5405
Regards,
Patrick
----------
05-04-2009 05:30 PM
Thank you.
I don't see right away that another syslog server application would help with my inquiry. I can already capture syslog data from the ATA. I glanced at a screenshot of slogsrv.exe and it seems to display the same information as the server I've been experimenting with, or, in other words, it does not show the PRI part of the syslog message as defined in RFC 3164. Maybe I'm missing something obvious?
Thanks,
Roger
05-06-2009 05:13 AM
Hi Roger,
The document I pointed you was intended to help you with the question about directing output to a specific file. The document describes using alternate ports for syslog traffic.
"I do see messages on my server, but would like to direct them to a specific log file for the PAP2T-NA."
Our devices provide syslog and debug message output. We offer 3 levels of output, none-debug level0, through verbose, debug level3.
In addition, the SIP debug option can be set to provide syslog output.
We don't do any more than this.
I'm not sure what facility codes our debug levels relate to. I'll check and get back to you.
Regards,
Patrick
----------
05-07-2009 04:35 AM
Hi Roger,
I've just pulled a Wireshark trace on a phone environment that I'm debugging and I'm seeing both facility and level information from the device in the trace.
The trace from an ATA should be close to identical to that of a phone, but please verify. I can check later if you are not able to.
I'm seeing LOCAL0.INFO and LOCAL2.DEBUG in my traces with level-3 debug detail selected on the device.
Is this the information that you are looking for?
Regards,
Patrick
----------
05-08-2009 06:48 AM
Patrick,
Thanks, and, yes, that is how and where I would expect to find the information. When I do the same sort of Wireshark capture of the output from the PAP2T-NA, I do not get the syslog message. I've attached a screen capture. When I test another device on the LAN, a Linksys WRT54GL with Tomato firmware, I do see the syslog info from the router, so I'm confident my Wireshark captures are working properly.
My tentative conclusion is the PAP2T-NA does not send the PRI info, which is the facility and level information shown in your trace. I don't know if this might change with later firmware. The firmware version on the PAP2T-NA I'm evaluating is 3.1.15 (LS), but I'm reluctant to upgrade until I'm more along with my tests.
If you, or anyone else who is interested, could test another PAP2T-NA I guess we could validate my tentative conclusion.
Thanks for your help.
Roger
05-12-2009 01:23 PM
Hi Roger,
Hmm, it doesn't look good looking at your trace. I don't have a PAP2T in my lab so I've a requested a colleague run a trace for me.
I'll let you know as soon as I hear back.
Regards,
Patrick
----------
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide