Business Community > Switches > Log format
< Switches

Log format

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Log format

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Log format
Log format
2013-10-17 21:24:30
Region : UnitedStates

Model : TL-SG3210

Hardware Version : V1

Firmware Version :

ISP :

Does anyone know how I can configure the log format for, well, the logs being sent by this switch? I set it to send its log files to a rsylog server. The log being sent by swtich looks like

Oct 9 02:52:05 2013-10-09 02: 52:21 10.0.0.3 61565 The switch has learned a new MAC address 00:23:54:91:2a:12, vid:8, interface:port 8.

while your garden-variety syslog looks more like this:

Oct 17 05:15:13 pickles dhclient[22813]: DHCPREQUEST on eth0 to 10.0.0.1 port 67 (xid=0x117ec287)

And that is causing some issues with how my rsyslog server handles the logs. Now in a unix box I can configure the way the log is spit out, but I really do not know how to do that in the swtich. Anyone?
  0      
 
  0      
 
#1
Options
5 Reply
Re:Log format
2013-10-27 21:58:17
I don't get the point...what's wrong with the log?
  0  
  0  
#2
Options
Re:Log format
2013-11-05 03:53:44
(r)syslog uses the 3rd field to identify host. That works fine with logs from cisco, linux, bsd, and solaris boxes. For those that do not, you can edit the log file format. I have not tried OSX but I think it should be editable too.

But, in this switch the 3rd field seems to be for another time stamp; what is it used for anyway?
  0  
  0  
#3
Options
Re:Log format
2013-11-05 09:23:28
Well, I am afraid there is no way for us to do such kind of configurations.
  0  
  0  
#4
Options
Re:Log format
2014-11-03 19:53:09
I have not tried OSX but I think it should be editable too. Fifa 15 Coins
  0  
  0  
#5
Options
Re:Log format
2016-01-03 19:09:42
Hi raubvogel,

you can switch the LogFormat in your syslogserver for this devices. I configured two templates and linked it two special logging sources:

Here my configuration:
[CODE]cat /etc/rsyslog.d/host-templates.conf
# Log remote hosts to separate log file
$template PerHostLog,"/var/log/remote-hosts/%HOSTNAME%.log"
$template RemoteHostFileFormat,"%TIMESTAMP% %HOSTNAME% %syslogfacility-text% %syslogtag%%msg:::sp-if-no-1st-sp%%msg:::space-cc,drop-last-lf%\n"
### Begin TP-LINK configuration ###
$template TPLinkHostLog,"/var/log/remote-hosts/%FROMHOST%.log"
$template TPLinkHostFileFormat,"%TIMESTAMP% %FROMHOST% %syslogfacility-text% %syslogtag%%msg:::sp-if-no-1st-sp%%msg:::space-cc,drop-last-lf%\n"
:FROMHOST, contains, "tplinkswitch1" ?TPLinkHostLog;TPLinkHostFileFormat
& ~
:FROMHOST, contains, "tplinkswitch2" ?TPLinkHostLog;TPLinkHostFileFormat
& ~
### End TP-LINK configuration ###
:inputname, isequal, "imudp" ?PerHostLog;RemoteHostFileFormat
& ~
:inputname, isequal, "imtcp" ?PerHostLog;RemoteHostFileFormat
& ~[/CODE]

Perhaps can use it.
  0  
  0  
#6
Options

Information

Helpful: 0

Views: 2071

Replies: 5

Related Articles
No events in the log
439 0
Empty Log
566 0
Controller Inform URL - which format for url?
3855 0
 ipv6 invalid format
1097 0
Omada Open API as json or yaml format
1112 0
"MAC Address Format" does not work on PPSK with RADIUS.
574 0
About Us
Press
Copyright © TP-Link Systems Inc. All rights reserved.