The two primary types of logging supported on the 7210 SAS are event logging and accounting logs.
Event logging controls the generation, dissemination and recording of system events for monitoring status and troubleshooting faults within the system. The 7210 SAS groups events into four major categories or event sources:
security events
These are events that pertain to attempts to breach system security.
change events
These are events that pertain to the configuration and operation of the node.
main events
These are events that pertain to applications that are not assigned to other event categories/sources.
debug events
These are events that pertain to trace or other debugging information.
The following are events within the 7210 SAS and have the following characteristics:
a time stamp in UTC or local time
the generating application
a unique event ID within the application
the VRF-ID
a subject identifying the affected object
a short text description
Event control assigns the severity for each application event and whether the event should be generated or suppressed. The severity numbers and severity names supported on the 7210 SAS conform to ITU standards M.3100 X.733 and X.21 and are listed in the following table.
Severity number |
Severity name |
|---|---|
1 |
cleared |
2 |
indeterminate (info) |
3 |
critical |
4 |
major |
5 |
minor |
6 |
warning |
Events that are suppressed by event control do not generate event log entries. Event control maintains a count of the number of events generated (logged) and dropped (suppressed) for each application event. The severity of an application event can be configured in event control.
An event log in the 7210 SAS associates the event sources with logging destinations. Examples of logging destinations include, the console session, a specific Telnet or SSH session, memory logs, file destinations, SNMP trap groups and syslog destinations. A log filter policy can be associated with the event log to control which events are logged in the event log based on combinations of application, severity, event ID range, VRF ID, and the subject of the event.
The 7210 SAS accounting logs collect comprehensive accounting statistics to support a variety of billing models. The routers collect accounting data on services and network ports on a per-service class basis. In addition to gathering information critical for service billing, accounting records can be analyzed to provide insight about customer service trends for potential service revenue opportunities. Accounting statistics on network ports can be used to track link utilization and network traffic pattern trends. This information is valuable for traffic engineering and capacity planning within the network core.
Accounting statistics are collected according to the parameters defined within the context of an accounting policy. Accounting policies are applied to access objects (such as access ports and SAPs) or network objects (such as SDPs, network ports, network IP interface). Accounting statistics are collected by counters for individual services defined on the customer’s SAP or by the counters within forwarding class (FC) queues defined on the network ports.
The type of record defined within the accounting policy determines where a policy is applied, what statistics are collected and time interval at which to collect statistics.
The ‟location” field of the file-id allows the user configure the device and store it in any directory. The default value is cf1:, but it can also be uf1: (for devices supporting USB).