encryption-key key [hash | hash2]
no encryption-key
config>log
This command specifies the encryption key used by AES-265-CTR for log file encryption. The encryption key is used for all local log files on the system.
The no form of this command deletes the encryption key.
specifies the encryption key
If the hash or hash2 parameter is not configured, the key is entered in plaintext and the key length must be between 8 and 32 characters. A plaintext key cannot contain embedded nulls or end with "hash" or "hash2".
If the hash or hash2 parameter is configured, the key is hashed and the key length must be between 1 and 64 characters.
specifies that the key is entered and stored on the node in encrypted form
specifies that the key is entered and stored on the node in a more complex encrypted form. The hash2 encryption scheme is node-specific and the key cannot be transferred between nodes
[no] file-id log-file-id
config>log
This command enables the context to configure a file ID template that is used as a destination for an event log or an accounting (billing) file.
The template defines the file location and characteristics of the destination for a log event message stream or for accounting and billing information. The log-file-id variable defined in this context is subsequently specified in the to command under config>log>log-id or config>log>accounting-policy contexts, to direct specific logging or accounting source streams to the file destination.
A file ID can only be assigned to either one log-id or one accounting-policy. It cannot be reused for multiple instances. A file ID and associated file definition must exist for each log and accounting file that will be stored in the file system.
A file is created when the file ID defined by this command is selected as the destination type for a specific log or accounting record. Log files are collected in a "log" directory. Accounting files are collected in an "act" directory.
The filenames for a log or accounting file are created by the system (see Table: Log Filenames).
File Type |
Filename |
|---|---|
Log File |
logllff-timestamp |
Accounting File |
actaaff-timestamp |
where:
ll is the log-id
aa is the accounting policy-id
ff is the file-id
timestamp is the actual timestamp when the file is created. The format for the timestamp is yyyymmdd-hhmmss, where:
yyyy is the year (for example, 2016)
mm is the month number (for example, 12 for December)
dd is the day of the month (for example, 03 for the 3rd of the month)
hh is the hour of the day in 24-hour format (for example, 04 for 4 a.m.)
mm is the minutes (for example, 30 for 30 minutes past the hour)
ss is the number of seconds (for example, 14 for 14 seconds)
The accounting file is compressed and has a .gz extension.
When initialized, each file contains:
the log-id description
the time the file was opened
the reason the file was created
the sequence number of the last event stored on the log (if the event log file was closed properly)
If the process of writing to a log file fails (for example, the compact flash card is full), the log file will not become operational even if the compact flash card is replaced. Enter a clear log command or a shutdown/no shutdown command sequence to reinitialize the file.
If the location fails (for example, the compact flash card fills up during the write process), a trap is sent.
The no form of the command removes the file ID from the configuration. A file ID can only be removed from the configuration if the file is not the designated output for a log destination. The actual file remains on the file system.
n/a
the file identification number for the file, expressed as a decimal integer
location cflash-id
no location
config>log>file-id
This command specifies the location where the log or accounting billing file will be created.
The location command is optional. If the location command is not explicitly configured, log and accounting files will be created on cf3: for the following:
7705 SAR-8 Shelf V2
7705 SAR-A
7705 SAR-Ax
7705 SAR-H
7705 SAR-Hc
7705 SAR-M
7705 SAR-Wx
7705 SAR-X
For the 7705 SAR-18, log files are created by default on cf1: and accounting files are created by default on cf2:. There are no overflows onto other devices.
The 7705 SAR-A, 7705 SAR-Ax, 7705 SAR-Wx, 7705 SAR-Hc, and 7705 SAR-X do not have field-replaceable compact flash drives; they are shipped with integrated flash memory that is used to store system boot software, OS software, and configuration files and logs. The flash memory is identified as cf3-A: by the system. On the 7705 SAR-X and 7705 SAR-Ax, the flash memory is 512 Mbytes; for the other platforms, the flash memory is 256 Mbytes.
When multiple location commands are entered in a single file ID context, the last command overwrites the previous command.
When the location of a file ID that is associated with an active log ID is changed, the log events are not immediately written to the new location. The new location does not take effect until the log rolls over, either because the rollover period has expired or a clear>log log-id command is entered to manually roll over the log file.
When creating log or accounting files, the designated location is used as long as there is available space. If no space is available, an attempt is made to delete unnecessary files that are past their retention date.
If sufficient space is not available, an attempt is made to remove the oldest to newest closed log or accounting files. After each file is deleted, the system attempts to create the new file.
A medium severity trap is issued to indicate that the compact flash is either not available or that no space is available on the specified flash.
A high-priority alarm condition is raised if the compact flash device for this file ID is not present or if there is insufficient space available. If space does becomes available, the alarm condition will be cleared.
Use the no form of this command to revert to default settings.
For the 7705 SAR-8 Shelf V2, 7705 SAR-A, 7705 SAR-Ax, 7705 SAR-H, 7705 SAR-Hc, 7705 SAR-M, 7705 SAR-Wx, and 7705 SAR-X, log and accounting files are created on cf3:
For the 7705 SAR-18, log files are created on cf1: and accounting files are created on cf2:
specifies the location of the flash
rollover minutes [retention hours]
no rollover
config>log>file-id
This command configures how often an event or accounting log is rolled over or partitioned into a new file.
An event or accounting log is actually composed of multiple individual files. The system creates a new file for the log based on the rollover time, expressed in minutes.
The retention option, expressed in hours, allows you to modify the default time that the file is kept in the system. The retention time is based on the rollover time of the file. The retention time is used as a factor to determine which files should be deleted first as the file space becomes full.
When multiple rollover commands for a file ID are entered, the last command overwrites the previous command.
rollover 1440
retention 12
the rollover time, in minutes
the retention period, in hours, expressed as a decimal integer. The retention period is based on the creation time of the file. The file becomes a candidate for removal when the creation timestamp + rollover time + retention time is less than the current timestamp.