Syslog’s are very useful tools for system management and auditing as well as informational analysis for debugging purposes. If presented well, these logs can be of great utility. NetScaler command center can monitor the syslog events of the NetScaler ADC appliances, when it is configured as the syslog server for those NetScaler ADC appliances. Once you have done that, all the syslog messages will be redirected to the command center server.
This enables the command center to exhibit these logs to the user in a structural manner. Now, the question is, why do we need to view our syslog’s on command center setup, when we can view them on NetScaler appliance?
NetScaler Command Center presents these logs in readable tabular format and lets you perform advanced searches in various ways and construct views to analyze the system log data.
As can be seen in the above snapshot, the Syslog data gets extracted and showcased with details on Date/Time of the log, Source as the device IP, Event ID and the Message. Now, as can be seen, there are 2361 entries of these logs. To search for something specific in these logs will be equivalent to searching for a needle in a haystackJ. For situations like these, you have an option to perform advanced search through Search tab (highlighted in Figure 1).
These advanced search option lets you search the logs in two filter levels. First level lets you categorize the logs in Date, Event ID, Facility, Message, Severity and Source. Second level of filtering lets you define operations on the value returned by the first filter.
There have been two Syslog Search enhancements in NetScaler Command Center 5.0:
Key Enhancement 1: The “in between” operation in “Date” advanced searches
As can be seen inFigure 2, Command Center 5.0 introduces the in between operation to searches which aim to filter logs on the basis of the Date/Time information in the logs.
Here, we have set the first filter as Date and the second level of filter as in between. In the next two fields you get to enter the range between which you want the log list to result in. When you click Search, youwill get the list of logs lying between the intervals defined by you. In this case, we get a result of 42 logs lying in between November 18,2011 01:43:52 PM – November 18,2011 01:28:00 PM time interval out of a complete list 2361 logs!
Now, that’s neat!
As is evident with this example, this operation helps you get more granular search results than is after and is before operations.
Key Enhancement 2: The Comma delimited search for Syslog messages
The comma delimited search, as showcased in Figure 3, filters the logs with “Remote_ip 10.102.31.143” as well as “ERROR” string in a single search. As shown in Figure 4, it filters the logs with “Remote_ip 10.102.31.143” log entries, “ERROR” log entries and the log entries with both the strings “Remote_ip 10.102.31.143” as well as “ERROR” present in them.
By this part of the blog, I believe we have established, the USP of Syslog’s on NetScaler Command Center and have introduced the key enhancements done in NetScaler Command Center (CC) 5.0 release.
This will be all for now. Look forward to more blogs on key enhancement in CC 5.0.