In this post we will learn how to configure WLC for logging option. Logs are always good to have while troubleshooting any issue.
Console logging: By default, the devices send all log messages to its console port. Hence only the users that are physically connected to the router console port can view these messages.
Terminal logging: It is similar to console logging, but it displays log messages to the devices VTY (Telnet or SSH) lines instead. This is not enabled by default
Buffered logging: This type of logging uses device RAM for storing log messages. Buffer has a fixed size to ensure that the log will not deplete valuable system memory.
Syslog Server logging: The device can use syslog to forward log messages to external syslog servers for storage. This type of logging is not enabled by default.
SNMP trap logging: The device is able to use SNMP traps to send log messages to an external SNMP server.
What we can configure:
Syslog:
- Syslog host
- Syslog facility
- Syslog level
Message Log:
- Buffered Log Level
- Console Log Level
- File Info
- Trace Info
Syslog configuration:
Screenshot from WLC: Management > Logs > Config.
Via GUI we have only two options for syslog configuration but via CLI we have four options:
Via GUI:
To configure syslog in cisco WLC we have to go Management > Logs > Config option.
- Put the IP of the syslog host where we want to send it and click on Add.
- Then select the syslog level from drop down box.
- Select the Syslog facility from drop down box.
*** If we set a syslog level, only those messages whose severity is equal to or less than that level are sent to the syslog server.
*** After code 5.x, it’s possible to send the logging to multiple syslog servers.
Via CLI:
(WLAN1) >config logging syslog ? facility Set facility for outgoing syslog mesages to remote host. host Configure remote hosts for sending syslog mesages. level Set severity level for filtering syslog mesages to remote host. tls Configure sending syslog messages over tls. (WLAN1) >config logging syslog host 192.168.10.1 System logs will be sent to 192.168.10.1 from now on (WLAN1) >config logging syslog host ? <A.B.C.D> dotted IP address of the remote host. (WLAN1) >config logging syslog facility ? auth-private Authorization system (private). authorization Authorization system. cron Cron/at facility. daemon System daemons. ftp FTP daemon. kern Kernel. local0 Local use. local1 Local use. local2 Local use. local3 Local use. local4 Local use. local5 Local use. local6 Local use. local7 Local use. lpr Line printer system. mail Mail system. news USENET news. sys12 System use. sys13 System use. sys14 System use. sys15 System use. syslog Syslog itself. user User process. uucp Unix-to-Unix copy system. (WLAN1) >config logging syslog facility local? local0 local1 local2 local3 local4 local5 local6 local7 (WLAN1) >config logging syslog facility local4 (WLAN1) >config logging syslog level ? <0-7> Set syslog message logging message severity level. alerts Set syslog message logging severity to 'alerts' (severity 1). critical Set syslog message logging severity to 'critical' (severity 2). debugging Set syslog message logging severity to 'debugging' (severity 7). emergencies Set syslog message logging severity to 'emergencies' (severity 0). errors Set syslog message logging severity to 'errors' (severity 3). informational Set syslog message logging severity to 'informational' (severity 6). notifications Set syslog message logging severity to 'notifications' (severity 5). warnings Set syslog message logging severity to 'warnings' (severity 4). (WLAN1) >config logging syslog level warnings (WLAN1) >config logging syslog tls ? enable Enable logging message to syslog over tls. disable Disable logging message to syslog over tls.
***Note: When we are configuring syslogs for APs, it is always recommended to do it after the APs have joined up to the WLCs to ensure that they get the configurations.
Syslog configuration for APs via WLC CLI interface.
(WLAN1) >config ap syslog host ? global Configures the global system logging host for all Cisco AP specific Configures the system logging host for a specific Cisco AP. (WLAN1) >config ap syslog host specific ? <ap-name> Specify the name of the specific Cisco AP. (WLAN1) >config ap syslog host specific AP001 ? <a.b.c.d> IP address of the system logging host for the specified Cisco AP (WLAN1) >config ap syslog host specific AP001 192.168.10.1 (WLAN1) >config ap logging ? syslog Set Ap logging syslog level. (WLAN1) >config ap logging syslog ? level Syslog level. facility Facility level. (WLAN1) >config ap logging syslog level ? alerts Logging severity level 1. critical Logging severity level 2. debugging Logging severity level 7. emergencies Logging severity level 0. errors Logging severity level 3. informational Logging severity level 6. notifications Logging severity level 5. warnings Logging severity level 4. (WLAN1) >config ap logging syslog level warnings ? <Cisco AP> Enter the name of the Cisco AP. all Applies the settings to all APs. (WLAN1) >config ap logging syslog level warnings all (WLAN1) >config ap logging syslog facility ? auth Authorization system. cron Cron/at facility. daemon System daemons. kern Kernel. local0 Local use. local1 Local use. local2 Local use. local3 Local use. local4 Local use. local5 Local use. local6 Local use. local7 Local use. lpr Line printer system. mail Mail system. news USENET news. sys10 System use. sys11 System use. sys12 System use. sys13 System use. sys14 System use. sys9 System use. syslog Syslog itself. user User process. uucp Unix-to-Unix copy system. (WLAN1) >config ap logging syslog facility lo? local0 local1 local2 local3 local4 local5 local6 local7 (WLAN1) >config ap logging syslog facility loc? local0 local1 local2 local3 local4 local5 local6 local7 (WLAN1) >config ap logging syslog facility local4 ? <Cisco AP> Enter the name of the Cisco AP. all Applies the settings to all APs. (WLAN1) >config ap logging syslog facility local4 all
Message Log Configuration:
Via GUI:
Buffered log level:
Console Log level:
Via CLI:
Buffered log level:
(WLAN1) >config logging ? buffered Set buffered logging parameters. console Set console logging parameters. debug Set debug message logging parameters. exception Limit size of exception flush output. fileinfo Set source file information logging parameters. syslog Configure parameters for outgoing syslog mesages. traceinfo Set traceback information logging parameters. (WLAN1) >config logging buffered ? <0-7> Set buffer logging message severity level. alerts Set buffer logging severity to 'alerts' (severity 1). critical Set buffer logging severity to 'critical' (severity 2). debugging Set buffer logging severity to 'debugging' (severity 7). emergencies Set buffer logging severity to 'emergencies' (severity 0). errors Set buffer logging severity to 'errors' (severity 3). informational Set buffer logging severity to 'informational' (severity 6). notifications Set buffer logging severity to 'notifications' (severity 5). warnings Set buffer logging severity to 'warnings' (severity 4). (WLAN1) >config logging buffered warnings
Console Log level:
(WLAN1) >config logging console ? <0-7> Set console logging message severity level. alerts Set console logging severity to 'alerts' (severity 1). critical Set console logging severity to 'critical' (severity 2). debugging Set console logging severity to 'debugging' (severity 7). disable Disable console logging. emergencies Set console logging severity to 'emergencies' (severity 0). errors Set console logging severity to 'errors' (severity 3). informational Set console logging severity to 'informational' (severity 6). notifications Set console logging severity to 'notifications' (severity 5). warnings Set console logging severity to 'warnings' (severity 4). (WLAN1) >config logging console warnings
To verify the syslog configuration, use the show logging command from the WLC CLI:
(WLAN1) >show logging Logging to buffer : - Logging of system messages to buffer : - Logging filter level.......................... warnings - Number of system messages logged.............. 61 - Number of system messages dropped............. 1139290 - Logging of debug messages to buffer ........... Disabled - Number of debug messages logged............... 0 - Number of debug messages dropped.............. 0 Logging to console : - Logging of system messages to console : - Logging filter level.......................... warnings - Number of system messages logged.............. 0 - Number of system messages dropped............. 1139351 - Logging of debug messages to console .......... Enabled - Number of debug messages logged............... 0 - Number of debug messages dropped.............. 0 Logging to syslog : - Syslog facility................................ local4 - Logging of system messages to syslog : - Logging filter level.......................... warnings - Number of system messages logged.............. 61 - Number of system messages dropped............. 1139290 - Logging of debug messages to syslog ........... Disabled - Number of debug messages logged............... 0 - Number of debug messages dropped.............. 0 - Number of remote syslog hosts.................. 1 - syslog over tls................................ Disabled - Host 0....................................... 192.168.10.1
To view the message logs use this command from WLC CLI:
(WLAN1) >show msglog
Autonomous AP Logging:
Example:
- AAPs send syslogs to server 192.168.10.1
- Send notifications or higher.
- Use facility local7
Use these commands to configure:
Conf t logging trap notifications logging facility local7 logging 192.168.10.1
Verification for AAP:
AAP#show logging Syslog logging: enabled (1 messages dropped, 19 messages rate-limited, 0 flushes, 0 overruns, xml disabled, filtering disabled) Console logging: level debugging, 235 messages logged, xml disabled, filtering disabled Monitor logging: level debugging, 0 messages logged, xml disabled, filtering disabled Buffer logging: level debugging, 252 messages logged, xml disabled, filtering disabled Logging Exception size (4096 bytes) Count and timestamp logging messages: disabled Trap logging: level notifications, 127 message lines logged Logging to 192.168.10.1(global) (udp port 514, audit disabled, link up), 127 message lines logged, xml disabled, filtering disabled
AAP# show run | in facil logging facility local7
Hello Thank you so much for this post!
Can we collect logs from configuration changes in the WLC and which user made this changes?
Thanks!
Hello Thank you so much for this post!
Can we collect logs from configuration changes in the WLC and which user made this changes?
Thanks!
I dont think it possible. but chekc this:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/config-mgmt/configuration/xe-3se/wlc5700/config-mgmt-xe-3se-wlc5700-book/cm-config-logger.html
Regards
RSCCIEW