Event log overview – Allied Telesis AT-S63 User Manual

Page 228

background image

Chapter 12: Event Log

228

Section II: Advanced Operations

Event Log Overview

A managed switch is a complex piece of computer equipment that
includes both hardware and software. Multiple software features operate
simultaneously, interoperating with each other and processing large
amounts of network traffic. It is often difficult to determine exactly what is
happening when a switch appears not to be operating normally, or what
happened when the problem occurred.

A network manager’s major task is to monitor the system functions and to
deal with problems as they arise. One method for doing this is to view the
event messages that are generated by the switch and sent to the event
log. These events can provide vital information about system activity on an
AT-9400 Series switch that helps you identify and solve system problems.
The event log includes the following information:

ˆ

The time and date of an event

ˆ

The severity of an event

ˆ

The AT-S63 software module that generated the event

ˆ

A description of the event

There are two ways that you can view a switch’s event messages. The
first method is to view an event log. An AT-9400 Series switch has two
event logs. The first is located in temporary memory and can store up to
4,000 entries. The events in this log are purged whenever you reset or
power cycle the switch. The second log is located in permanent memory
and has a maximum storage capacity of 2,000 entries. Events in this log
are retained even when the switch is reset or power cycled. You can view
either log to display the events of the switch since the unit was last reset.
But to view the events that preceded a system reset, you must view the
permanent event log.

The second method is to have the switch send its events to a syslog
server. The syslog server functions as a central repository that stores
events from many network devices simultaneously.

In order for a switch to send its events to a syslog server, you must define
the syslog output. The syslog output includes the IP address of the syslog
server along with other information such as the types of event messages
you want the switch to send to the syslog server. You can create up to 19
output definitions on a switch. For instructions, refer to “Configuring Log
Outputs” on page 241.