How to determine outages from system logs?
This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
I have been experiencing some intermittent outages and I'd like to help track them so that I can inform my ISP. Some of these outages happen when I may be asleep, and some are longer than others.
When these outages occur, it looks to the Archer A20 as if the WAN port is unplugged. The LED on the router for the WAN turns orange.
I had an idea: I can export the system logs, and I wrote a script to be able to parse them so I could load them into an Excel sheet and calculate the length of time of an outage.
What I'm trying to figure out, however, is what are the best system log entries to use?
I have been attempting to use the "Led Controller" logs, as these seem to map closely to the indicators I would see.
However, I am trying to parse what WAN0_ON / OFF and WAN1_ON / OFF mean in terms of "something being down or not". Is "WAN0_1" the indicator for an orange LED on the WAN port? Or would it be WAN1_0?
Once I understand a bit how to parse the LED logs (or a better log if someone has a suggestion), I'll be happy to publish the script and steps to check these things.
Would love any input you could offer. Thanks!
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Have the SAME router, and I had a power loss a week ago (Router/Modem were on a UPS) that caused the Internet signal to go off. Unfortunately, when I looked at the LOG I could not find anything of value.
Looking at your Modem would provide the info though that you seek. Most modems can be accessed with http://192.168.100.1 in a Browser URL. Many use admin/admin or admin/password for userID and Passwords. Look at the LOG there, but they do usually scroll off within a day or too.
- Copy Link
- Report Inappropriate Content
@IrvSp thanks for replying! Yes, I understand how to look at the router and how to get to the log.
Another phrasing of my question is: if I was to attempt to parse these log messages in order to programmatically deduce when an outage occurred, what log messages would help provide insight there?
My goal is to be able to take the logs, export them, and run a script against them to parse this. I actually have already built the script and the Excel sheet; I'm just not sure that i'm understanding the log messages correctly and so my script may be incorrect.
- Copy Link
- Report Inappropriate Content
Well, what I'd do is EMAIL the log to you. Much easier to 'scrape' as it is plain TXT.
I get them sent to me daily, every midnight. The log it appears is saved in RAM, and once it is full, it gets truncated to allow new data.
For instance, this is what I had when we lost Internet:
===============
2020-08-25 13:55:17 led-controller[1443]: <6> 288051 Start to run WAN1_ON
2020-08-25 13:55:17 led-controller[1443]: <6> 288051 Start to run WAN0_OFF
2020-08-25 13:55:17 led-controller[1443]: <6> 288051 Start to run LAN_OFF
2020-08-25 13:52:01 led-controller[1443]: <6> 288051 Start to run USB1_ON
2020-08-25 13:52:01 led-controller[1443]: <6> 288051 Start to run USB1_ON
2020-08-25 12:36:51 led-controller[1443]: <6> 288051 Start to run WAN1_OFF
2020-08-25 12:36:51 led-controller[1443]: <6> 288051 Start to run WAN0_ON
2020-08-25 12:36:51 led-controller[1443]: <6> 288051 Start to run LAN_OFF
2020-08-25 12:00:57 led-controller[1443]: <6> 288051 Start to run WAN1_OFF
=========
I know the time, which is the 12.35.51 and came back 1 1/2 hours later.
Now you might think LAN_OFF is the key, but it really isn't. I get a LOT of those:
============
2020-08-24 20:05:17 led-controller[1443]: <6> 288051 Start to run LAN_OFF
2020-08-24 20:00:00 led-controller[1443]: <6> 288051 Start to run NIGHT
2020-08-24 09:08:09 led-controller[1443]: <6> 288051 Start to run WAN1_ON
2020-08-24 09:08:09 led-controller[1443]: <6> 288051 Start to run WAN0_OFF
2020-08-24 09:08:09 led-controller[1443]: <6> 288051 Start to run LAN_ON
2020-08-24 07:00:00 led-controller[1443]: <6> 288051 Start to run NIGHT
2020-08-23 20:43:23 led-controller[1443]: <6> 288051 Start to run WAN1_ON
2020-08-23 20:43:23 led-controller[1443]: <6> 288051 Start to run WAN0_OFF
2020-08-23 20:43:23 led-controller[1443]: <6> 288051 Start to run LAN_OFF
2020-08-23 20:00:00 led-controller[1443]: <6> 288051 Start to run NIGHT
==============
In those cases, I've set the LED's to go off 8PM and on at 7AM. Note the different between the NIGHT setting and when the LED's register changes.
One that might be useful is the IPv6 one, "2020-08-26 08:27:18 network[3714]: <6> 290003 Connect interface wanv6", but I didn't seem many of these in my logs.
What I'd suggest you do, Delete the Log entries, pull the WAN port Ethernet cable, and then look at the log. Still, I'm not sure that would even help? I just did it and got 54 entries:
================
Hardware Version: Archer A20 v1.0
Software Version: 1.1.1 Build 20191026 rel.10453
2020-09-04 14:33:53 nat[24034]: <6> 211021 IPSEC ALG enabled
2020-09-04 14:33:53 nat[24034]: <6> 211021 L2TP ALG enabled
2020-09-04 14:33:53 nat[24034]: <6> 211021 PPTP ALG enabled
2020-09-04 14:33:53 nat[24034]: <6> 211021 SIP ALG enabled
2020-09-04 14:33:53 nat[24034]: <6> 211021 RTSP ALG enabled
2020-09-04 14:33:53 nat[24034]: <6> 211021 H323 ALG enabled
2020-09-04 14:33:53 nat[24034]: <6> 211021 TFTP ALG enabled
2020-09-04 14:33:53 nat[24034]: <6> 211021 FTP ALG enabled
2020-09-04 14:33:53 nat[24034]: <6> 211024 DMZ disabled
2020-09-04 14:33:51 nat[24034]: <6> 211501 Initialization succeeded
2020-09-04 14:33:50 nat[24034]: <6> 211501 Initialization succeeded
2020-09-04 14:33:50 nat[23055]: <6> 211021 IPSEC ALG enabled
2020-09-04 14:33:50 nat[23055]: <6> 211021 L2TP ALG enabled
2020-09-04 14:33:50 nat[23055]: <6> 211021 PPTP ALG enabled
2020-09-04 14:33:50 nat[23055]: <6> 211021 SIP ALG enabled
2020-09-04 14:33:50 nat[23055]: <6> 211021 RTSP ALG enabled
2020-09-04 14:33:50 nat[23055]: <6> 211021 H323 ALG enabled
2020-09-04 14:33:50 nat[23055]: <6> 211021 TFTP ALG enabled
2020-09-04 14:33:50 nat[23055]: <6> 211021 FTP ALG enabled
2020-09-04 14:33:50 nat[23055]: <6> 211024 DMZ disabled
2020-09-04 14:33:50 remote-management[24352]: <6> 282504 Service start
2020-09-04 14:33:49 remote-management[24352]: <6> 282505 Service stop
2020-09-04 14:33:48 nat[23055]: <6> 211501 Initialization succeeded
2020-09-04 14:33:48 remote-management[23319]: <6> 282504 Service start
2020-09-04 14:33:48 remote-management[23319]: <6> 282505 Service stop
2020-09-04 14:33:48 nat[23055]: <6> 211501 Initialization succeeded
2020-09-04 14:33:45 upnp[22835]: <6> 217504 Service start
2020-09-04 14:33:45 upnp[22835]: <6> 217505 Service stop
2020-09-04 14:33:44 remote-management[22410]: <6> 282504 Service start
2020-09-04 14:33:44 remote-management[22410]: <6> 282505 Service stop
2020-09-04 14:33:32 nat[20697]: <6> 211021 IPSEC ALG enabled
2020-09-04 14:33:32 nat[20697]: <6> 211021 L2TP ALG enabled
2020-09-04 14:33:32 nat[20697]: <6> 211021 PPTP ALG enabled
2020-09-04 14:33:32 nat[20697]: <6> 211021 SIP ALG enabled
2020-09-04 14:33:32 nat[20697]: <6> 211021 RTSP ALG enabled
2020-09-04 14:33:32 nat[20697]: <6> 211021 H323 ALG enabled
2020-09-04 14:33:32 nat[20697]: <6> 211021 TFTP ALG enabled
2020-09-04 14:33:32 nat[20697]: <6> 211021 FTP ALG enabled
2020-09-04 14:33:31 nat[20697]: <6> 211024 DMZ disabled
2020-09-04 14:33:31 led-controller[1238]: <6> 288051 Start to run WAN1_ON
2020-09-04 14:33:31 led-controller[1238]: <6> 288051 Start to run WAN0_OFF
2020-09-04 14:33:31 led-controller[1238]: <6> 288051 Start to run LAN_ON
2020-09-04 14:33:30 nat[20697]: <6> 211501 Initialization succeeded
2020-09-04 14:33:29 nat[20697]: <6> 211501 Initialization succeeded
2020-09-04 14:33:27 led-controller[1238]: <6> 288051 Start to run WAN1_OFF
2020-09-04 14:33:27 led-controller[1238]: <6> 288051 Start to run WAN0_ON
2020-09-04 14:33:27 led-controller[1238]: <6> 288051 Start to run LAN_ON
2020-09-04 14:33:23 nat[20023]: <6> 211501 Initialization succeeded
2020-09-04 14:33:23 nat[20023]: <6> 211501 Initialization succeeded
2020-09-04 14:33:20 nat[19304]: <6> 211501 Initialization succeeded
2020-09-04 14:33:20 nat[19304]: <6> 211501 Initialization succeeded
2020-09-04 14:33:19 led-controller[1238]: <6> 288051 Start to run WAN1_OFF
2020-09-04 14:33:19 led-controller[1238]: <6> 288051 Start to run WAN0_OFF
2020-09-04 14:33:19 led-controller[1238]: <6> 288051 Start to run LAN_ON
==============
Entries right before that, when I turned on my PC just before 7AM:
=================
2020-09-04 07:00:00 led-controller[1238]: <6> 288051 Start to run NIGHT
2020-09-04 06:43:53 led-controller[1238]: <6> 288051 Start to run WAN1_ON
2020-09-04 06:43:53 led-controller[1238]: <6> 288051 Start to run WAN0_OFF
2020-09-04 06:43:53 led-controller[1238]: <6> 288051 Start to run LAN_ON
2020-09-03 20:05:33 led-controller[1238]: <6> 288051 Start to run WAN1_ON
==================
The only thing that might tell you more, if you knew what those 4, 5, or 6 number codes were for.
- Copy Link
- Report Inappropriate Content
Information
Helpful: 0
Views: 987
Replies: 3
Voters 0
No one has voted for it yet.