Here are few syslog messages in a cisco switch.Each syslog message has common parameters like Facility, Severity & Mnemomics.
%SYS-5-CONFIG_I: Configured from console by consol %STACKMGR-4-SWITCH_ADDED: Switch 1 has been ADDED to the stack %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to down %SPANTREE-5-EXTENDED_SYSID: Extended SysId enabled for type vlan
You can send these syslog messages to a Console, buffer, monitor, host depend on your requirement. Most common is sending to a remote host (or syslog server). For troubleshooting you can configure a device to send it to console or monitor (if you remotely log in) or buffer. Following example shows syslog configuration done on a cisco IOS device.
logging 192.168.100.10 logging facility local5 logging buffered 100000 notification logging trap notifications logging source-interface Loopback0
There are 8 severity levels in Syslog messages. Once you configured a severity level all syslog messages from that level & below (numerical value) messages are sent to syslog server.
1 – Alert
2 – Critical
3 – Error
4 – Warning
5 – Notification
6 – Informational
7 – Debugging
I remember this using “Every Airplane comes with Critical Errors & Warning Notification Information Display”.
To configure syslog in cisco WLC you have to go “Management > Logs > Config” section. Syslog level show in the drop-down box is not in to severity order you have to know severity number against each classification. e.g if they ask to configure severity level 3 & above, you have to select ” Error” here. Syslog facility level can be used to differentiate syslog messages coming from a certain devices. e.g. you can configure all routers syslog to certain facility level & all switches syslog in another facility level.
Also you can configure message logs to store local to the controller in the same section. You can configure buffer & console log levels. By using CLI as well you can configure those. Following shows the available options for configuration.
(WLC1) >config logging ? buffered Set buffered logging parameters. console Set console logging parameters. debug Set debug message logging parameters. exception Limit size of exception flush output. fileinfo Set source file information logging parameters. syslog Configure parameters for outgoing syslog mesages. traceinfo Set traceback information logging parameters.
By using the WLC CLI you can configure advanced options for Syslog. Below shows advanced config options available for a particular frequency band (in this case 802.11a or 5GHz)
(WLC1) >show advanced 802.11a logging RF Event and Performance Logging Channel Update Logging......................... Off Coverage Profile Logging....................... Off Foreign Profile Logging........................ Off Load Profile Logging........................... Off Noise Profile Logging.......................... Off Performance Profile Logging.................... Off TxPower Update Logging......................... Off
You can configure any of these by “config advanced <802.11a|802.11b> logging < > <on|off> “command. As you can see above all are off by default.
(WLC1) >config advanced 802.11a logging ? channel 802.11a channel change logging mode. coverage 802.11a coverage profile logging mode. foreign 802.11a foreign interference profile logging mode. load 802.11a load profile logging mode. noise 802.11a noise profile logging mode. performance 802.11a performance profile logging mode. txpower 802.11a transmit power change logging mode. (WLC1) >config advanced 802.11a logging channel ? on Turns on 802.11a channel logging off Turns off 802.11a channel logging
Access Points related syslog messages can be configured only using CLI mode. You can configure getting syslog from all ap (global) or from specific ap (specific) by using “config ap syslog host ” command.
(WLC1) >config ap syslog host ? global Configures the global system logging host for all Cisco AP specific Configures the system logging host for a specific Cisco AP. ! (WLC1) >config ap syslog host specific HQ-AP1 192.168.100.10
You can go through “Cisco Wireless LAN Controller Command Reference, Release 7.0” for all commands available in 7.0 release which is tested at CCIEW 2.0 lab exam.