Cisco Systems OL-24201-01 manual Critical Log Target, 19-7

Chapter 19 Understanding Logging

About Logging

You can use the web interface to configure the number of days to retain local store log files; however, the default setting is to purge data when it exceeds 5 MB or each day, whichever limit is first attained.

If you do configure more than one day to retain local store files and the data size of the combined files reaches 95000Mb, a FATAL message is sent to the system diagnostic log, and all logging to the local store is stopped until data is purged. Use the web interface to purge local store log files. Purging actions are logged to the current, active log file. See Deleting Local Log Data, page 18-23.

The current log file is named acsLocalStore.log. Older log files are named in the format acsLocalStore.log.YYYY-MM-DD-hh-mm-ss-xxx, where:

•acsLocalStore.log = The prefix of a non-active local store log file, appended with the time stamp.

Note The time stamp is added when the file is first created, and should match the time stamp of the first log message in the file.

–YYYY = Numeric representation of the year.

–MM = Numeric representation of the month. For single-digit months (1 to 9), a zero precedes the number.

–DD = Numeric representation of the day of the month. For single-digit days (1 to 9), a zero precedes the number.

–hh = Hour of the day—00 to 23.

–mm = Minute of the hour—00 to 59.

–ss = Second of the minute—00 to 59.

–xxx = Millisecond of the second—000 to 999.

You can configure the local store to be a critical log target. See Viewing Log Messages, page 19-10for more information on critical log targets.

You can send log messages to the local log target (local store) or to up to eight remote log targets (on a remote syslog server):

•Select System Administration > Configuration > Log Configuration > Remote Log Targets to configure remote log targets.

•Select System Administration > Configuration > Log Configuration > Logging Categories to configure which log messages you want to send to which targets.

Critical Log Target

The local store target can function as a critical log target—the primary, or mandatory, log target for a logging category.

For example, administrative and operational audit messages are always logged to the local store, but you can also configure them to be logged to a remote syslog server or the Monitoring and Reports server log target. However, administrative and operational audit messages configured to be additionally logged to a remote log target are only logged to that remote log target if they are first logged successfully to the local log target.