Each type of event is stored locally in a separate log file, and
the information stored in each log file varies depending on the event type. All
log files for these event types are in the /var/log directory.
1.Audit==The audit event messages are messages that the BIG-IP system logs as a result of changes to the BIG-IP system configuration. Logging audit events is optional.== /var/log/audit (Log file)
2. boot=The
boot messages contain information that is logged when the system boots.==
/var/log/boot.log(Log file)
/var/log/boot.log(Log file)
3. cron=When the cron daemon starts
a cron job, the
daemon logs the information about the cron job in this
file.=== /var/log/cron
4. daemon=The daemon messages are logged by various
daemons that run on the system.==
/var/log/daemon.log
5. dmesg=The dmesg messages contain kernel ring buffer information
that pertains to the hardware devices that the kernel detects during the boot
process.== /var/log/dmesg
6. GSLB=The GSLB messages pertain to global traffic management
events.==
/var/log/gtm
/var/log/gtm
7. httpd=The httpd messages contain the Apache Web server error log.==
/var/log/httpd/httpd_errors
/var/log/httpd/httpd_errors
8. kernel=The kernel messages are logged by the Linux kernel.==
/var/log/kern.log
/var/log/kern.log
9. local traffic=The local traffic messages pertain specifically to
the BIG-IP local traffic management events.==
/var/log/ltm
/var/log/ltm
10. mail=The mail messages contain the log information from the mail
server that is running on the system.== /var/log/maillog
11. packet filter=The packet filter messages are those that result
from the use of packet filters and packet-filter rules.==
/var/log/pktfilter
/var/log/pktfilter
12. security=The secure log messages contain information related to
authentication and authorization privileges.== /var/log/secure
13. system=The system event messages are based on global Linux
events, and are not specific to BIG-IP local traffic management events==/var/log/messages
14. TMM=The TMM log messages are those that pertain to Traffic
Management Microkernel events.==
/var/log/tmm
/var/log/tmm
15. user=The user log messages contain information about all user
level logs.==
/var/log/user.log
/var/log/user.log
16. webui=The webui log messages display errors and exception details that
pertain to the Configuration utility.== /var/log/webui.log
Local traffic log
message format
The local traffic (ltm)
log messages generated by the BIG-IP system include the following types of
information:
<time stamp>
<host name> <level> <service[pid]> <message code>
<message text>
·
Time stamp: The
time/date that the system logged the message
·
Host name: The host
name of the BIG-IP system that generated the message
·
Service: The name of
the service (and process ID) that generated the message
·
Message code: The code
that is associated with the message. The code is comprised of the following
sub-codes:
o Product Code: The first two hex digits form
the product code. For example, 0x01 is the BIG-IP product code.
o Subset Code: The third and fourth hex digits
are the subset code. For example, 0x2a is the subset code for LIBHAL.
o Message Number: The next four digits form the
message number within a module.
o Severity Level: The last digit between the
colon symbols is the severity level, with 0 being the highest severity level.
·
Message text: The
description of the event that caused the system to log the message.
Audit log message format
The audit log messages
generated by the BIG-IP system include the following types of information:
<time stamp>
<host name> <level> <service[pid]> <message code>
<user> <event>
·
Time stamp: The
time/date that the system logged the message
·
Host name: The host
name of the BIG-IP system that generated the message
·
Service: The name of
the service (and process ID) that generated the message
·
Message code: The code
that is associated with the message (refer to the previous Local traffic log message format section for Message code sub-code
definitions)
·
User: The name of the
user who made the configuration change, the user's partition, and the user's
permission level
·
Event: The description
of the configuration change or event that caused the system to log the message
No comments:
Post a Comment