Filter
Top Products
19-7
User Guide for Cisco Secure Access Control System 5.3
OL-24201-01
Chapter 19 Understanding Logging
About Logging
You can use the web interface to configure the number of days to retain local store log files; however,
the default setting is to purge data when it exceeds 5 MB or each day, whichever limit is first attained.
If you do configure more than one day to retain local store files and the data size of the combined files
reaches 95000Mb, a FATAL message is sent to the system diagnostic log, and all logging to the local
store is stopped until data is purged. Use the web interface to purge local store log files. Purging actions
are logged to the current, active log file. See Deleting Local Log Data, page 18-23.
The current log file is named acsLocalStore.log. Older log files are named in the format
acsLocalStore.log.YYYY-MM-DD-hh-mm-ss-xxx, where:
• acsLocalStore.log = The prefix of a non-active local store log file, appended with the time stamp.
Note The time stamp is added when the file is first created, and should match the time stamp of the
first log message in the file.
–
YYYY = Numeric representation of the year.
–
MM = Numeric representation of the month. For single-digit months (1 to 9), a zero precedes
the number.
–
DD = Numeric representation of the day of the month. For single-digit days (1 to 9), a zero
precedes the number.
–
hh = Hour of the day—00 to 23.
–
mm = Minute of the hour—00 to 59.
–
ss = Second of the minute—00 to 59.
–
xxx = Millisecond of the second—000 to 999.
You can configure the local store to be a critical log target. See Viewing Log Messages, page 19-10 for
more information on critical log targets.
You can send log messages to the local log target (local store) or to up to eight remote log targets (on a
remote syslog server):
• Select System Administration > Configuration > Log Configuration > Remote Log Targets to
configure remote log targets.
• Select System Administration > Configuration > Log Configuration > Logging Categories to
configure which log messages you want to send to which targets.
Critical Log Target
The local store target can function as a critical log target—the primary, or mandatory, log target for a
logging category.
For example, administrative and operational audit messages are always logged to the local store, but you
can also configure them to be logged to a remote syslog server or the Monitoring and Reports server log
target. However, administrative and operational audit messages configured to be additionally logged to
a remote log target are only logged to that remote log target if they are first logged successfully to the
local log target.