Syslog Commands

Syslog is a standard for logging program messages. It separates the software that generates and stores messages from the software that reports and analyzes them.

Syslog is a protocol used for capturing log information for devices on a network. The syslog protocol provides a transport, allowing a machine to send event notification messages across IP networks to event message collectors, also known as syslog servers. The protocol is simply designed to transport the event messages.

One of the fundamental tenets of the Syslog protocol and process is its simplicity. The transmission of syslog messages can be started on a device without a receiver being configured, or being physically present. This helps the acceptance and deployment of syslog.

Syslog CLI commands are categorized as follows:

• Enable and Disable Commands
• Configuration Commands
• Display Commands
• Clear Commands

Enable and Disable Commands

This section includes Syslog enable and disable commands.

logging

Command Objective:
This command enables syslog server and configures the syslog related parameters. The logging process controls the distribution of logging messages to the various destinations, such as the logging buffer, logging file, or syslog server.

The no form of the command disables syslog server and resets the configured parameters. When the syslog feature is disabled, the existing syslog buffers will not be cleared and none of the configured options will be changed.

Syntax:
logging { buffered [<size (1-200)>] | console | facility {local0 | local1 | local2 | local3 | local4 | local5 | local6 | local7|}| severity [{ <level (0-7)> | alerts | critical | debugging | emergencies | errors | informational | notification | warnings }] | on }

no logging { buffered | console | facility | severity | on }

Parameter Description:

• buffered - Limits Syslog messages displayed from an internal buffer. This size ranges between 1 and 200 entries.

  ---

  Note: The size feature is optional only in the code using the industrial standard command, otherwise this feature is mandatory.

  ---

• console - Limits messages logged to the console.
• facility - The facility that is indicated in the message. Can be one of the following values: local0, local1, local2, local3, local4, local5, local 6, local7.

• severity – Message severity level. Messages with severity level equal to or higher than the specified value are printed asynchronously. This can be configured using numerical value or using the available option. The options are:
• 0 | emergencies – System is unusable.
• 1 | alerts – Immediate action needed.
• 2 | critical – Critical conditions.
• 3 | errors – Error conditions.
• 4 | warnings – Warning conditions.
• 5 | notification – Normal but significant conditions.
• 6 | informational – Informational messages.
• 7 | debugging – Debugging messages.

• alerts - Immediate action needed
• critical – Critical conditions
• debugging – Debugging messages
• emergencies – System is unusable
• errors – Error conditions
• informational – Informational messages
• notification – Normal but significant conditions
• warnings – Warning conditions
• on – Syslog enabled

Mode:
Global Configuration Mode

Default:

• console - enabled
• severity - informational, when no option is selected while configuring.
• debugging, at system start-up.
• buffered - 50
• facility - local0

When the Syslog feature is disabled, the existing syslog buffers will not be cleared and none of the configured options will be changed.

Example:

Your Product (config)# logging buffered

Configuration Commands

This section includes Syslog configuration commands.

mailserver

Command Objective:
This command configures the mail server address used for sending email alert messages.

The no form of the command deletes the mail server address from the mail table.

Syntax:
mail-server < short(0-191) > {ipv4 < ucast_addr > |ipv6 < ip6_addr > | < dns_host_name >} < string(50) > [user < user_name > password < password >]

no mail-server <short(0-191)> {ipv4 <ucast_addr> |ipv6 <ip6_addr> | <dns_host_name>}

Parameter Description:

• <short (0-191)> - Sets the priority for that particular mail-server configuration. This value ranges from 0 to 191.
• ipv4<ucast_addr> - Configures the IPv4 destination address for the syslog mail server
• ipv6<ip6_addr> - Configures the IPv6 destination address for the syslog mail server.
• <dns_host_name> - Configures the DNS host name for the syslog mail server. This value is a string of size 255.
• <string(50)> - Specifies the receiver mail id in which the email alert messages are received and logged. This value is a string of maximum size 50.
• user <user_name> - Configures the user name of the account in the mail server to which the mails is to be sent. The user name is used only if a valid authentication method is configured for the system. This value is a string of maximum size 64.
• password < password > - Sets the password to authenticate the user name in the mail server. The password is used only if a valid authentication method is configured for the system. This value is a string of maximum size 64.

Mode:
Global Configuration Mode

Example:

Your Product (config)# mail-server 190 ipv4 23.78.67.89 skylight_tac@cisco.com

sender mail-id

Command Objective:
This command sets the sender mail id from which the email alert messages are sent.

The no form of the command deletes the configured sender mail id.

Syntax:
sender mail-id <mail-id (100)>

no sender mail-id

Mode:
Global Configuration Mode

Example:

Your Product (config)# sender mail-id 

cmdbuffs

Command Objective:
This command configures the number of syslog buffers for a particular user.

Syntax:
cmdbuffs < user name > < no.of buffers (1-200) >

Parameter Description:

• < user name > - User Name
• < no.of buffers (1-200) > - Number of log buffers to be allocated in the system

Mode:
Global Configuration Mode

Default:
50

Example:

Your Product(config)#cmdbuffs Accedian 50

syslog mail

Command Objective:
This command enables the syslog mail storage in the system. By enabling syslog mail storage, Skylight Flex 100 sends the syslog messages as mail messages to the mail-server configured in the system.

The no form of command disables the mail option in syslog.

Syntax:
syslog mail

no syslog mail

Mode:
Global Configuration Mode

Default:
50

Example:

Your Product (config)# syslog mail

syslog local storage

Command Objective:
This command enables the syslog file storage to log the status in the local storage path.

The no form of command disables the syslog local storage.

Syntax:
syslog localstorage

no syslog localstorage

Mode:
Global Configuration Mode

Example:

Your Product (config)# syslog localstorage

syslog filename-one

Command Objective:
This command configures a first file to store the syslog messages locally. The maximum size of the file name is 32.

Syntax:
syslog filename-one <string(32)>

Mode:
Global Configuration Mode

Example:

Your Product (config)# syslog filename-one iss1

syslog filename-two

Command Objective:
This command configures a second file to store the syslog messages locally. The maximum size of the file name is 32.

Syntax:
syslog filename-two <string(32)>

Mode:
Global Configuration Mode

Example:

Your Product (config)# syslog filename-two iss2

syslog filename-three

Command Objective:
This command configures a third file to store the syslog messages locally. The maximum size of the file name is 32.

Syntax:
syslog filename-three <string(32)>

Mode:
Global Configuration Mode

Example:

Your Product (config)# syslog filename-three iss3

syslog relay-port

Command Objective:
This command sets the syslog port through which the relay receives the syslog messages, irrespective of the transport type. The port number ranges between 0 and 65535.

The no form of command sets the syslog port to default port.

Syntax:
syslog relay-port < integer(0-65535) >

no syslog relay-port

Mode:
Global Configuration Mode

Default:
514

Example:

Your Product (config)# syslog relay-port 500

syslog profile

Command Objective:
This command sets the profile for reliable syslog.

The no form of command sets the profile to default (raw ) for Reliable Syslog.

Syntax:
syslog profile raw

no syslog profile

Parameter Description:

• raw - Sets the syslog profile as raw which is the profile for the transport type beep.

Mode:
Global Configuration Mode

Example:

Your Product (config)# syslog profile raw

logging-file

Command Objective:
This command adds an entry in the file table.

The no form of command deletes an entry from the file table.

Syntax:
logging-file [<short(0-191)>] <string(32)>

no logging-file [<short(0-191)>] <string(32)>

Parameter Description:

• [<short(0-191)>] - Sets the priority of syslog messages. 0-lowest priority, 191-highest priority. When no specific priority is given, syslog messages with all priority values are written to the local syslog server.
• <string(32)> - Represents the file-name in which a log is done.

Mode:
Global Configuration Mode

Example:

Your Product (config)# logging-file 134 iss1

logging-server

Command Objective:
This command configures a server table to log an entry in it.

The no form of command deletes an entry from the server table.

Syntax:
logging-server [<short(0-191)>] {ipv4 <ucast_addr> | ipv6 <ip6_addr> | <dns_host_name>} [ port <integer(1-65535)>] [{udp | tcp | beep}]

no logging-server [<short(0-191)>] {ipv4 <ucast_addr> |ipv6 <ip6_addr> | <dns_host_name>}

Parameter Description:

• [<short(0-191)>] - Sets the priority for the syslog messages which decides the order in which it is to be forwarded to the desired server. 0-lowest priority, 191-highest priority. This value ranges from 0 to 191. When no specific priority is given, syslog messages with all priority values are forwarded to the remote syslog server.
• ipv4 <ucast_addr> - Sets the server address type as internet protocol version 4 and configures the IPv4 address of the server.
• ipv6 <ip6_addr> - Sets the server address type as internet protocol version 6 and configures the IPv6 address of the server.
• <dns_host_name> - Configures the DNS host name for a server to log an entry. This value is a string of maximum size 63.
• port<integer(1-65535)> - Sets the port number through which the server sends the syslog message. This value ranges from 1 to 65535.
• udp - Sets the forward transport type as UDP.
• tcp - Sets the forward transport type as TCP.
• beep - Sets the forward transport type as beep.

Mode:
Global Configuration Mode

Default:

• Transport type - udp
• port - 514

Example:

Your Product (config)# logging-server 134 ipv4 12.0.0.3

syslog relay

Command Objective:
This command changes the syslog role from device to relay.

The no form of command changes the syslog role from relay to device.

Syntax:
syslog relay

no syslog relay

Mode:
Global Configuration Mode

Example:

Your Product (config)# syslog relay

syslog relay transport type

Command Objective:
This command sets the Syslog relay transport type either as UDP or TCP.

Syntax:
syslog relay transport type {udp | tcp}

Parameter Description:

• udp - Sets the relay transport type as udp
• tcp - Sets the relay transport type as tcp

Mode:
Global Configuration Mode

Example:

Your Product (config)# syslog relay transport type udp

smtp authentication

Command Objective:
This command sets the SMTP authentication method while sending email alerts to the configured mail server.

The no form of the command resets the authentication method to send email alerts with any authentication.

Syntax:
smtp authentication {auth-login | auth-plain | cram-md5 | digest-md5}

no smtp authentication

Parameter Description:

• auth-login - Sets the smtp authentication method as auth-login in which both the user name and password are BASE64 encoded
• auth-plain - Sets the smtp authentication method as auth-plain in which the user name and password used for authentication are combined to one string and BASE64 encoded.
• cram-md5 - Sends the BASE64 encoded user name and 16-byte digest in hexadecimal notation. The digest is generated using HMAC calculation with password as secret key and SMTP server original challenge as the message.
• digest-md5 - Sets the smtp authentication method as digest-md5 in which the BASE64 encoded MD5 digest response string that is calculated using the user name, password, realm string and nonce string.

Mode:
Global Configuration Mode

Example:

Your Product (config)# smtp authentication auth-login

snmp trap syslog-server-status

Command Objective:
This command enables trap generation when the syslog server is down.

The no form of the command disables trap generation when the syslog server is down.

Syntax:
snmp trap syslog-server-status

no snmp trap syslog-server-status

Parameter Description:

• trap - Configures trap related parameters
• syslog-server-status - Configures syslog server related configurations.

Mode:
Global Configuration Mode

Default:
Syslog server trap generation is enabled.

Example:

Your Product (config)# snmp trap syslog-server-status

logging-source ipv4

Command Objective:
This command configures Source IP address used while sending syslog message.

The no form of command deletes Source IP address configured and resets to default value.

Syntax:
logging-source ipv4 <ucast_addr>

no logging-source

Mode:
Global Configuration Mode

Example:

Your Product (config)# logging-source ipv4 12.0.0.3

logging-filesize

Command Objective:
This command sets the size of the logging file. The size of the file ranges from 512 to 4194304.

Syntax:
logging-filesize <integer(512-4194304)>

Mode:
Global Configuration Mode

Example:

Your Product (config)# logging-filesize 4194304

Display Commands

This section includes Syslog display commands.

show logging

Command Objective:
This command displays all the logging status and configuration information.

Syntax:
show logging

Mode:
Privileged EXEC Mode

Example:

Your Product# show logging

System Log Information
---------------------
Syslog logging   : enabled(Number of messages 0)
Console logging  : enabled(Number of messages 1)
TimeStamp option : enabled
Severity logging     : Debugging
Log server IP    : 10.0.0.1
Facility         : Default (local0)
Buffered size    : 100 Entries
LogBuffer (0 Entries, 0 bytes)
<129>Aug  7 12:08:02 ISS CLI Attempt to login as root via console Succeeded

show email alerts

Command Objective:
This command displays configurations related to email alerts.

Syntax:
show email alerts

Mode:
Privileged EXEC Mode

Example:

Your Product# show email alerts

show syslog role

Command Objective:
This command displays the syslog role.​

Syntax:
show syslog role

Mode:
Privileged EXEC Mode

Example:

Your Product# show syslog role

Syslog Role    : Relay 

show syslog mail

Command Objective:
This command displays status of the mail option in syslog.

Syntax:
show syslog mail

Mode:
Privileged EXEC Mode

Example:

Your Product# show syslog mail

Syslog Mail Option    : Enabled

show syslog localstorage

Command Objective:
This command displays the syslog local storage.

Syntax:
show syslog localstorage

Mode:
Privileged EXEC Mode

Example:

Your Product# show syslog localstorage

Syslog Localstorage    : Enabled

show logging-file

Command Objective:
This command displays the priority and file name of all three files configured in the syslog file table.

Syntax:
show logging-file

Mode:
Privileged EXEC Mode

Example:

Your Product# show logging-file

Syslog File Table Information
----------------------------
Priority    File-Name
--------    ----------
134          iss1
134          iss2
134          iss3

show logging-server

Command Objective:
This command displays the information about the syslog logging server table.

Syntax:
show logging-server

Mode:
Privileged EXEC Mode

Example:

Your Product# show logging-server

Syslog Forward Table Information
--------------------------------

Priority  Address-Type   IpAddress                           Port   Trans-Type

--------  ------------   ---------                               ----   ----------

1         host           abc.com                                 2      tcp

129       ipv4           12.0.0.2                                514    udp

191       ipv6           1111::2222                              514    udp

show mail-server

Command Objective:
This command displays the information about the syslog mail server table.

Syntax:
show mail-server

Mode:
Privileged EXEC Mode

Example:

Your Product# show mail-server

Syslog Mail Table Information
 ----------------------------

Priority  Address-Type   IpAddress       Receiver Mail-Id  UserName
--------  ------------   ---------       ----------------  --------

0         host           abc.com  mail@gmail.com  user1

1         ipv4           15.0.0.100  mail1@example.com  user2

2         ipv6           1111::2222  mail2@example.com

show syslog relay-port

Command Objective:
This command displays the Syslog relay port.

Syntax:
show syslog relay-port

Mode:
Privileged EXEC Mode

Example:

Your Product# show syslog relay-port

Syslog Port    : 251

show syslog profile

Command Objective:
This command displays the syslog profile.

Syntax:
show syslog profile

Mode:
Privileged EXEC Mode

Example:

Your Product# show syslog profile

Syslog Profile    : raw

show syslog relay transport type

Command Objective:
This command displays the Syslog relay transport type.

Syntax:
show syslog relay transport type

Mode:
Privileged EXEC Mode

Example:

Your Product# show syslog relay transport type

Syslog Relay Transport type udp

show syslog file-name

Command Objective:
This command displays all the syslog local storage file names.

Syntax:
show syslog file-name

Mode:
Privileged EXEC Mode

Example:

Your Product# show syslog file-name

Syslog File Name
----------------------
Syslog File-One :iss1
Syslog File-Two :iss2
Syslog File-Three :iss3

show syslog information

Command Objective:
This command displays the status of consolidated syslog log information.

Syntax:
show syslog information

Mode:
Privileged EXEC Mode

Example:

Your Product# show syslog information

System Log Information
----------------------
Syslog Localstorage    : Enabled
Syslog Mail Option    : Enabled
Syslog Port    : 251
Syslog Role    : Relay
Smtp Authentication   : None

Clear Commands

This section includes Syslog clear command.

clear logs

Command Objective:
This command clears the system syslog buffers.

Syntax:
clear logs

Mode:
Privileged EXEC Mode / Global Configuration Mode

Example:

Your Product (config)# clear logs

Your Product# clear logs