New Template for Cisco IOS Log Messages

templates/cisco_ios_show_logging.textfsm

@@ -0,0 +1,29 @@
+Value NUMBER (\d{6})
+Value MONTH (\D\D\D)
+Value DAY (\d{1,2})
+Value TIME ((\d+:\d+:\d+\.\d+)|(\d+:\d+:\d+))
+Value TIMEZONE (\D\D\D)
+Value FACILITY (\w+)
+Value SEVERITY (\d)
+Value MNEMONIC (\w+)
+Value List MESSAGE (.*)
+
+Start
+  ^Log\sBuffer -> Info
+
+Info
+  ^${NUMBER}:\s${MONTH}\s+${DAY}\s+${TIME}:\s+%${FACILITY}-${SEVERITY}-${MNEMONIC}:\s+${MESSAGE}$$ -> Messages
+  ^${NUMBER}:\s${MONTH}\s+${DAY}\s+${TIME}\s+${TIMEZONE}:\s+%${FACILITY}-${SEVERITY}-${MNEMONIC}:\s+${MESSAGE}$$ -> Messages
+  ^${MONTH}\s+${DAY}\s+${TIME}\s*:\s%${FACILITY}-${SEVERITY}-${MNEMONIC}:\s${MESSAGE} -> Messages
+  ^${MONTH}\s+${DAY}\s+${TIME}\s*${TIMEZONE}:\s%${FACILITY}-${SEVERITY}-${MNEMONIC}:\s${MESSAGE} -> Messages
+
+Messages
+  ^(\d{6}):\s+(\D\D\D)\s+(\d{1,2})\s+((\d+:\d+:\d+\.\d+)|(\d+:\d+:\d+)) -> Continue.Record
+  ^(\D\D\D)\s+(\d{1,2})\s+((\d+:\d+:\d+\.\d+)|(\d+:\d+:\d+)) -> Continue.Record
+  ^${NUMBER}:\s${MONTH}\s+${DAY}\s+${TIME}:\s+%${FACILITY}-${SEVERITY}-${MNEMONIC}:\s+${MESSAGE}$$
+  ^${NUMBER}:\s${MONTH}\s+${DAY}\s+${TIME}\s+${TIMEZONE}:\s+%${FACILITY}-${SEVERITY}-${MNEMONIC}:\s+${MESSAGE}$$
+  ^${MONTH}\s+${DAY}\s+${TIME}\s*:\s%${FACILITY}-${SEVERITY}-${MNEMONIC}:\s${MESSAGE}
+  ^${MONTH}\s+${DAY}\s+${TIME}\s*${TIMEZONE}:\s%${FACILITY}-${SEVERITY}-${MNEMONIC}:\s${MESSAGE}
+  ^${MESSAGE}$$
+  ^(\d{6}):\s+(\D\D\D)\s+(\d{1,2})\s+((\d+:\d+:\d+\.\d+)|(\d+:\d+:\d+)) -> Continue.Record
+  ^(\D\D\D)\s+(\d{1,2})\s+((\d+:\d+:\d+\.\d+)|(\d+:\d+:\d+)) -> Continue.Record

templates/index

@@ -187,6 +187,7 @@ cisco_ios_show_ip_route.textfsm, .*, cisco_ios, sh[[ow]] ip r[[oute]]
 cisco_ios_show_aliases.textfsm,  .*, cisco_ios, sh[[ow]] alia[[ses]]
 cisco_ios_show_archive.textfsm,  .*, cisco_ios, sh[[ow]] arc[[hive]]
 cisco_ios_show_license.textfsm, .*, cisco_ios, sh[[ow]] lic[[ense]]
+cisco_ios_show_logging.textfsm, .*, cisco_ios, sh[[ow]] log[[ging]]
 cisco_ios_show_standby.textfsm, .*, cisco_ios, sh[[ow]] sta[[ndby]]
 cisco_ios_show_version.textfsm, .*, cisco_ios, sh[[ow]] ver[[sion]]
 cisco_ios_show_ip_arp.textfsm, .*, cisco_ios, sh[[ow]] i[[p]] a[[rp]]
@@ -251,7 +252,7 @@ cisco_wlc_ssh_show_cdp_neighbors_detail.textfsm, .*, cisco_wlc_ssh, sh[[ow]] c[[
 cisco_wlc_ssh_show_rf-profile_summary.textfsm, .*, cisco_wlc_ssh, sh[[ow]] rf-[[profile]] s[[ummary]]
 cisco_wlc_ssh_show_ap_config_general.textfsm, .*, cisco_wlc_ssh, sh[[ow]] ap con[[fig]] ge[[neral]]
 cisco_wlc_ssh_show_interface_summary.textfsm, .*, cisco_wlc_ssh, sh[[ow]] int[[erface]] s[[ummary]]
-cisco_wlc_ssh_show_client_detail.textfsm, .*, cisco_wlc_ssh, sh[[ow]] cl[[ient]] det[[ail]] 
+cisco_wlc_ssh_show_client_detail.textfsm, .*, cisco_wlc_ssh, sh[[ow]] cl[[ient]] det[[ail]]
 cisco_wlc_ssh_show_exclusionlist.textfsm, .*, cisco_wlc_ssh, sh[[ow]] ex[[clusionlist]]
 cisco_wlc_ssh_show_ap_summary.textfsm, .*, cisco_wlc_ssh, sh[[ow]] ap sum[[mary]]
 cisco_wlc_ssh_show_inventory.textfsm, .*, cisco_wlc_ssh, sh[[ow]] inve[[ntory]]

tests/cisco_ios/show_logging/cisco_ios_show_logging_1.raw

@@ -0,0 +1,30 @@
+Syslog logging: enabled (0 messages dropped, 34 messages rate-limited, 0 flushes, 0 overruns, xml disabled, filtering disabled)
+
+No Active Message Discriminator.
+
+
+
+No Inactive Message Discriminator.
+
+
+    Console logging: level debugging, 22827 messages logged, xml disabled,
+                     filtering disabled
+    Monitor logging: level debugging, 68 messages logged, xml disabled,
+                     filtering disabled
+    Buffer logging:  level debugging, 22860 messages logged, xml disabled,
+                    filtering disabled
+    Exception Logging: size (4096 bytes)
+    Count and timestamp logging messages: disabled
+    File logging: disabled
+    Persistent logging: disabled
+
+No active filter modules.
+
+    Trap logging: level informational, 22790 message lines logged
+        Logging Source-Interface:       VRF Name:
+
+Log Buffer (16384 bytes):
+7:04: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet2/0/3, changed state to up
+022701: Jun 19 03:02:31: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet2/0/3, changed state to down
+022702: Jun 19 03:02:32: %LINK-3-UPDOWN: Interface GigabitEthernet2/0/3, changed state to down
+022703: Jun 19 03:02:37: %LINK-3-UPDOWN: Interface GigabitEthernet2/0/3, changed state to up

tests/cisco_ios/show_logging/cisco_ios_show_logging_1.yml

@@ -0,0 +1,32 @@
+---
+parsed_sample:
+  - number: "022701"
+    month: "Jun"
+    day: "19"
+    time: "03:02:31"
+    timezone: ""
+    facility: "LINEPROTO"
+    severity: "5"
+    mnemonic: "UPDOWN"
+    message:
+      - "Line protocol on Interface GigabitEthernet2/0/3, changed state to down"
+  - number: "022702"
+    month: "Jun"
+    day: "19"
+    time: "03:02:32"
+    timezone: ""
+    facility: "LINK"
+    severity: "3"
+    mnemonic: "UPDOWN"
+    message:
+      - "Interface GigabitEthernet2/0/3, changed state to down"
+  - number: "022703"
+    month: "Jun"
+    day: "19"
+    time: "03:02:37"
+    timezone: ""
+    facility: "LINK"
+    severity: "3"
+    mnemonic: "UPDOWN"
+    message:
+      - "Interface GigabitEthernet2/0/3, changed state to up"

tests/cisco_ios/show_logging/cisco_ios_show_logging_2.raw

@@ -0,0 +1,38 @@
+Syslog logging: enabled (0 messages dropped, 4 messages rate-limited, 0 flushes, 0 overruns, xml disabled, filtering disabled)
+
+No Active Message Discriminator.
+
+
+
+No Inactive Message Discriminator.
+
+
+    Console logging: level alerts, 0 messages logged, xml disabled,
+                     filtering disabled
+    Monitor logging: level debugging, 0 messages logged, xml disabled,
+                     filtering disabled
+    Buffer logging:  level debugging, 91442 messages logged, xml disabled,
+                    filtering disabled
+    Exception Logging: size (4096 bytes)
+    Count and timestamp logging messages: disabled
+    Persistent logging: disabled
+
+No active filter modules.
+
+ESM: 0 messages dropped
+
+    Trap logging: level informational, 142 message lines logged
+        Logging to 10.5.2.1  (udp port 514, audit disabled,
+              link up),
+              142 message lines logged,
+              0 message lines rate-limited,
+              0 message lines dropped-by-MD,
+              xml disabled, sequence number disabled
+              filtering disabled
+        Logging Source-Interface:       VRF Name:
+
+Log Buffer (16384 bytes):
+IEEE PD
+Jan 30 14:11:11.354: %ILPOWER-7-DETECT: Interface Gi4/3: Power Device detected: IEEE PD
+Jan 30 14:11:55.762: %SYS-5-CONFIG_I: Configured from console by cisco on vty0 (172.16.5.22)
+Jan 30 14:11:32.142: %ILPOWER-7-DETECT: Interface Ten1/1: Power Device detected: IEEE PD

tests/cisco_ios/show_logging/cisco_ios_show_logging_2.yml

@@ -0,0 +1,32 @@
+---
+parsed_sample:
+  - number: ""
+    month: "Jan"
+    day: "30"
+    time: "14:11:11.354"
+    timezone: ""
+    facility: "ILPOWER"
+    severity: "7"
+    mnemonic: "DETECT"
+    message:
+      - "Interface Gi4/3: Power Device detected: IEEE PD"
+  - number: ""
+    month: "Jan"
+    day: "30"
+    time: "14:11:55.762"
+    timezone: ""
+    facility: "SYS"
+    severity: "5"
+    mnemonic: "CONFIG_I"
+    message:
+      - "Configured from console by cisco on vty0 (172.16.5.22)"
+  - number: ""
+    month: "Jan"
+    day: "30"
+    time: "14:11:32.142"
+    timezone: ""
+    facility: "ILPOWER"
+    severity: "7"
+    mnemonic: "DETECT"
+    message:
+      - "Interface Ten1/1: Power Device detected: IEEE PD"

tests/cisco_ios/show_logging/cisco_ios_show_logging_3.raw

@@ -0,0 +1,47 @@
+Syslog logging: enabled (0 messages dropped, 2 messages rate-limited, 0 flushes, 0 overruns, xml disabled, filtering disabled)
+
+No Active Message Discriminator.
+
+
+
+No Inactive Message Discriminator.
+
+
+    Console logging: disabled
+    Monitor logging: level debugging, 0 messages logged, xml disabled,
+                     filtering disabled
+    Buffer logging:  level debugging, 25903 messages logged, xml disabled,
+                    filtering disabled
+    Exception Logging: size (4096 bytes)
+    Count and timestamp logging messages: disabled
+    Persistent logging: disabled
+
+No active filter modules.
+
+    Trap logging: level debugging, 25907 message lines logged
+        Logging to 10.12.55.11  (udp port 514, audit disabled,
+              link up),
+              25907 message lines logged,
+              0 message lines rate-limited,
+              0 message lines dropped-by-MD,
+              xml disabled, sequence number disabled
+              filtering disabled
+        Logging to 10.12.55.13   (udp port 514, audit disabled,
+              link up),
+              25907 message lines logged,
+              0 message lines rate-limited,
+              0 message lines dropped-by-MD,
+              xml disabled, sequence number disabled
+              filtering disabled
+        Logging Source-Interface:       VRF Name:
+
+Log Buffer (10000000 bytes):
+
+Jan  2 12:00:05.047: %IOS_LICENSE_IMAGE_APPLICATION-6-LICENSE_LEVEL: Module name = c2900 Next reboot level = ipbasek9 and License = ipbasek9
+000049: Dec  2 12:09:23.643: %LINEPROTO-5-UPDOWN: Line protocol on Interface Embedded-Service-Engine0/0, changed state to down
+000050: Dec  2 12:09:25.715: %SYS-5-RESTART: System restarted --
+Cisco IOS Software, C2900 Software (C2900-UNIVERSALK9-M), Version 15.2(1)T1, RELEASE SOFTWARE (fc1)
+Technical Support: http://www.cisco.com/techsupport
+Copyright (c) 1986-2011 by Cisco Systems, Inc.
+Compiled Mon 19-Sep-11 17:41 by prod_rel_team
+000051: Dec  2 12:09:25.719: %SNMP-5-COLDSTART: SNMP agent on host EDGE-2901-Router is undergoing a cold start

tests/cisco_ios/show_logging/cisco_ios_show_logging_3.yml

@@ -0,0 +1,46 @@
+---
+parsed_sample:
+  - number: ""
+    month: "Jan"
+    day: "2"
+    time: "12:00:05.047"
+    timezone: ""
+    facility: "IOS_LICENSE_IMAGE_APPLICATION"
+    severity: "6"
+    mnemonic: "LICENSE_LEVEL"
+    message:
+      - "Module name = c2900 Next reboot level = ipbasek9 and License = ipbasek9"
+  - number: "000049"
+    month: "Dec"
+    day: "2"
+    time: "12:09:23.643"
+    timezone: ""
+    facility: "LINEPROTO"
+    severity: "5"
+    mnemonic: "UPDOWN"
+    message:
+      - "Line protocol on Interface Embedded-Service-Engine0/0, changed state to down"
+  - number: "000050"
+    month: "Dec"
+    day: "2"
+    time: "12:09:25.715"
+    timezone: ""
+    facility: "SYS"
+    severity: "5"
+    mnemonic: "RESTART"
+    message:
+      - "System restarted --"
+      - "Cisco IOS Software, C2900 Software (C2900-UNIVERSALK9-M), Version 15.2(1)T1, RELEASE SOFTWARE (fc1)"
+      - "Technical Support: http://www.cisco.com/techsupport"
+      - "Copyright (c) 1986-2011 by Cisco Systems, Inc."
+      - "Compiled Mon 19-Sep-11 17:41 by prod_rel_team"
+  - number: "000051"
+    month: "Dec"
+    day: "2"
+    time: "12:09:25.719"
+    timezone: ""
+    facility: "SNMP"
+    severity: "5"
+    mnemonic: "COLDSTART"
+    message:
+      - "SNMP agent on host EDGE-2901-Router is undergoing a cold start"

tests/cisco_ios/show_logging/cisco_ios_show_logging_4.raw

@@ -0,0 +1,42 @@
+Syslog logging: enabled (0 messages dropped, 2 messages rate-limited, 0 flushes, 0 overruns, xml disabled, filtering disabled)
+
+No Active Message Discriminator.
+
+
+
+No Inactive Message Discriminator.
+
+
+    Console logging: disabled
+    Monitor logging: level debugging, 0 messages logged, xml disabled,
+                     filtering disabled
+    Buffer logging:  level debugging, 552121 messages logged, xml disabled,
+                    filtering disabled
+    Exception Logging: size (4096 bytes)
+    Count and timestamp logging messages: disabled
+    Persistent logging: disabled
+
+No active filter modules.
+
+    Trap logging: level debugging, 25907 message lines logged
+        Logging to 8.2.1.2  (udp port 514, audit disabled,
+              link up),
+              552124 message lines logged,
+              0 message lines rate-limited,
+              0 message lines dropped-by-MD,
+              xml disabled, sequence number disabled
+              filtering disabled
+        Logging to 9.8.8.7   (udp port 514, audit disabled,
+              link up),
+              552124 message lines logged,
+              0 message lines rate-limited,
+              0 message lines dropped-by-MD,
+              xml disabled, sequence number disabled
+              filtering disabled
+        Logging Source-Interface:       VRF Name:
+
+Log Buffer (10000000 bytes):
+
+065478: Dec  4 11:01:38.694 EST: %MAB-5-SUCCESS: Authentication successful for client (aaaa.bbbb.dddd) on Interface Gi8/39
+065480: Dec  4 11:01:38.702 EST: %AUTHMGR-5-FAIL: Authorization failed for client (aaaa.bbbb.dddd) on Interface Gi8/39
+065483: Dec  4 11:01:52.755 EST: %AUTHMGR-5-START: Starting 'dot1x' for client (aaaa.bbbb.dddd) on Interface Gi8/39

tests/cisco_ios/show_logging/cisco_ios_show_logging_4.yml

@@ -0,0 +1,32 @@
+---
+parsed_sample:
+  - number: "065478"
+    month: "Dec"
+    day: "4"
+    time: "11:01:38.694"
+    timezone: "EST"
+    facility: "MAB"
+    severity: "5"
+    mnemonic: "SUCCESS"
+    message:
+      - "Authentication successful for client (aaaa.bbbb.dddd) on Interface Gi8/39"
+  - number: "065480"
+    month: "Dec"
+    day: "4"
+    time: "11:01:38.702"
+    timezone: "EST"
+    facility: "AUTHMGR"
+    severity: "5"
+    mnemonic: "FAIL"
+    message:
+      - "Authorization failed for client (aaaa.bbbb.dddd) on Interface Gi8/39"
+  - number: "065483"
+    month: "Dec"
+    day: "4"
+    time: "11:01:52.755"
+    timezone: "EST"
+    facility: "AUTHMGR"
+    severity: "5"
+    mnemonic: "START"
+    message:
+      - "Starting 'dot1x' for client (aaaa.bbbb.dddd) on Interface Gi8/39"