Brocade Network OS Message Reference v4.1.1 Manual de usuario descargar pdf (Pagina 19)

Network OS Message Reference 3

53-1003227-01

Overview of RASLog messages

You can display the VCS RASLog messages using the show logging raslog attribute VCS command.

For information on displaying the VCS RASLog messages, refer to “Displaying the VCS messages”

on page 16.

Audit log messages

Event auditing is designed to support post-event audits and problem determination based on

high-frequency events of certain types, such as security violations, firmware downloads, and

configuration. Audit log messages are saved in the persistent storage. The storage has a limit of

1024 entries and will wrap around if the number of messages exceed the limit. The switch can be

configured to stream Audit messages to the specified syslog servers. The Audit log messages are

not forwarded to an SNMP management station.

The following is an example of an Audit log message.

AUDIT,2011/08/26-07:51:32 (GMT), [DCM-2001], INFO, DCMCFG,

root/none/127.0.0.1/rpc/cli,, VDX6720-24, Event: noscli start, Status: success,

Info: Successful login attempt through console from 127.0.0.1.

For any given event, Audit messages capture the following information:

• User Name - The name of the user who triggered the action.

• User Role - The access level of the user, such as root or admin.

• Event Name - The name of the event that occurred.

• Status - The status of the event that occurred: success or failure.

• Event Info - Information about the event.

The three event classes described in Table 2 can be audited.

You can enable event auditing by configuring the syslog daemon to send the events to a configured

remote host using the logging syslog-server command. You can set up filters to screen out

particular classes of events using the logging auditlog class command (the classes include

SECURITY, CONFIGURATION, and FIRMWARE). All the Audit classes are enabled by default. The

defined set of Audit messages are sent to the configured remote host in the Audit message format,

so that they are easily distinguishable from other syslog events that may occur in the network. For

details on how to configure event auditing, refer to “Configuring event auditing” on page 19.

FFDC messages

First Failure Data Capture (FFDC) is used to capture failure-specific data when a problem or failure

is first noted and before the switch reloads or the trace and log buffer get wrapped. All subsequent

iterations of the same error are ignored. This critical debug information is saved in nonvolatile

storage and can be retrieved by executing the copy support command. The data are used for

debugging purposes. FFDC is intended for use by Brocade technical support.

TABLE 2 Event classes of the Audit messages

Event class Operand Description

DCMCFG CONFIGURATION You can audit all the configuration changes in the Network OS.

FIRMWARE FIRMWARE You can audit the events occurring during the firmware download process.

SECURITY SECURITY You can audit any user-initiated security event for all management interfaces.

For events that have an impact on the entire network, an audit is generated

only for the switch from which the event was initiated.

1 2 ... 14 15 16 17 18 19 20 21 22 23 24 ... 477 478

Comentarios a estos manuales

Sin comentarios

Brocade Network OS Message Reference v4.1.1 Manual de usuario Pagina 19

Comentarios a estos manuales

Relacionado con productos y manuales para Accesorios De Computador Brocade Network OS Message Reference v4.1.1