Setting up logs on Cisco Nexus

In this article I will give an example of setting up logs on Cisco Nexus switches.

Let’s look at the current log settings:

show logging
show logging timestamp
show running-config | include log
show logging internal info

show logging logfile

show logging info
Logging logfile:                enabled
        Name - messages: Severity - notifications Size - 4194304

show logging console
Logging console:                enabled (Severity: critical)

show logging monitor
Logging monitor:                enabled (Severity: notifications)

An example of viewing the last 50 entries from the logs:

show logging | last 50
show logging nvram last 50

I personally prefer not to write logs to the device’s memory (disable their recording to the internal memory), but to send them to the syslog server, this way the memory life will be longer and it will be more convenient to view the logs of all devices in one place.

An example of specifying a syslog server:

logging server 6 facility local3
logging server 6 use-vrf default facility local6

Where, after the IP address, the number 6 is indicated, which determines the logging level, see the full list:

0 – emergency
1 – alert
2 – critical
3 – error
4 – warning
5 – notification
6 – informational
7 – debugging

For example, on devices in the core of the network I indicate 6 – informational, and on access devices that are not so important 4 – warning.

To cancel/delete a command, just write “no” in front of it, for example:

no logging server 6 use-vrf default facility local6

Disabling logging to a file:

no logging logfile

An example of setting up logging to the file with level 4 – warning:

logging logfile 4 size 4194304

Clearing logs:

clear logging logfile
clear logging nvram

List of available commands in configuration mode:

 logging ?
  abort             Flushes cached data without committing and releases the lock
  commit            Commits cached data (of all msg types) and releases the lock
  console           Set console logging
  distribute        Enables/disables fabric distribution using cfs.
  event             Interface events
  ip                IP configuration
  level             Facility parameter for syslog messages
  logfile           Set File logging
  message           Interface events
  module            Set module(linecard) logging
  monitor           Set terminal line(monitor) logging level
  origin-id         Enable origin information for Remote Syslog Server
  server            Enable forwarding to Remote Syslog Server
  source-interface  Enable Source-Interface for Remote Syslog Server
  timestamp         Set logging timestamp granularity

See also my articles:
Debug on Cisco
Installing Rsyslog + Loganalyzer + MySQL
My other articles about Cisco

Leave a comment

Leave a Reply