1. Log Events

1.1. In This Chapter

This chapter provides general information about the log events described in this guide.

For more information about event logs, see the 7450 ESS, 7750 SR, 7950 XRS, and VSR System Management Guide.

1.2. Log Events

Log events that are forwarded to a destination are formatted in a way appropriate for the specific destination whether it be recorded to a file or sent as an SNMP trap, but log events have common elements or properties. All application generated events have the following properties:

  1. A time stamp in UTC or local time.
  2. The generating application.
  3. A unique event ID within the application.
  4. A router name identifying the VRF-ID that generated the event.
  5. A subject identifying the affected object.
  6. A short text description. For further information on variables found in the message format strings, please see the associated SNMP Notification definition in the SR OS MIBs.

The general format for a log event with either a memory, console or file destination is as follows.

nnnn YYYY/MM/DD HH:MM:SS.SS TZONE <severity>: <application> #<event_id> <router-name>
 <subject> 
<message>

The following is a log event example:

252 2013/05/07 16:21:00.76 UTC WARNING: SNMP #2005 Base my-interface-abc 
"Interface my-interface-abc is operational" 

The specific elements that compose the general format are described in Table 1.

Table 1:  Log Entry Field Descriptions  

Label

Description

nnnn

The log entry sequence number.

YYYY/MM/DD

The UTC or local date stamp for the log entry.

YYYY — Year

MM — Month

DD — Date

HH:MM:SS.SS

The UTC time stamp for the event.

HH — Hours (24 hour format)

MM — Minutes

SS.SS — Seconds

TZONE

The timezone (for example, UTC, EDT) as configured by configure log log-id x time-format.

<severity>

The severity level of the event.

  1. CRITICAL
  2. MAJOR
  3. MINOR
  4. WARNING
  5. INFO
  6. CLEARED

<application>

The name of the application generating the log message.

<event_id>

The application’s event ID number for the event.

<router>

The router name representing the VRF-ID that generated the event. Some examples include: Base, management, and vprn348.

<subject>

The subject/affected object for the event.

<message>

A text description of the event.

1.3. Sample Log Event

Table 2 contains a sample log event entry from this guide for the cli_config_io log event.

Table 2:    cli_config_io properties

Property name

Value

Application name

USER

Event ID

2011

Event name

cli_config_io

SNMP notification prefix and OID

N/A

Default severity

minor

Message format string

User from $srcAddr$: $prompt$ $message$

Cause

A CLI command was entered in a configuration node.

Effect

The configuration was changed by the CLI command.

Recovery

No recovery is required.

The table title for a log event entry is the event name. Each entry contains the information described in Table 3.

Table 3:  Log Entry Field Descriptions  

Label

Description

Application name

The name of the application generating the log message.

Event id

The application’s event ID number for the event.

Event name

The name of the event.

SNMP notification prefix and OID

The prefix and OID of the SNMP notification associated with the log event

Default severity

The default severity level of the event.

  1. CRITICAL
  2. MAJOR
  3. MINOR
  4. WARNING
  5. INFO
  6. CLEARED

Message format string

A text description of the event.

Cause

The cause of the event.

Effect

The effect of the event.

Recovery

How to recover from this event, if necessary.