For each SPP internal service, you can specify the level of logging and the external syslog server for storing debug logs. This allows for debugging in real time.
Debug logging is appliance specific. The data sent to the syslog server can include but is not limited to Support Bundle debug data. Cluster wide TLS audit event can be logged to a syslog server (see Syslog Events).
Debug logging is off by default but you can turn it on or off. Because debug logs can be sizable, you may want to turn it on for debugging a specific scenario or testing and turn it off for daily operations.
Using the API to control TLS log connection messages
Using the API, you can control if TLS log connection messages are generated to the debug logs when the TLS connection to an external server is closed. If the log level is set (see below), the event is also sent to the syslog server.
To log TLS connection information, set the NetworkDebugEnabled property from the https://<network address>/service/appliance/v4/Service/Debug endpoint to true. For more information, see Using the API..
To configure debug logs to send to a syslog server
- You will need a configured syslog server. If you have not configured a syslog server, you will see a message like this: To configure additional debut logging options, you need to configure a syslog server. Click Configure a syslog server. For more information, see Configuring and verifying a syslog server..
- If you have a syslog server configured, navigate to Appliance > Debug.
- Select a Syslog Server to which you want to send debug logs. The default is Do not log to syslog.
- In Facility, select which syslog facility to which you want to use: Kernel, User, Mail, Daemons, Authorization, or Syslog.
-
Set the log level.
- To set all log levels, click Set All then choose to Set All at one of the levels. This is useful to set the most common level of logging you want for most services.
- To set an individual Service Name's log level, select next to the service to change the log level for that service.
When you select from either the set all levels or the individual service name level, the log includes the log level selected as well as those listed below the level you selected. The information is immediately sent to the server. For example:
- Debug (includes Debug, Information, Warning, and Error)
- Information (includes Information, Warning, and Error)
- Warning (includes Warning and Error)
- Error (includes only Error)
- None (Disabled): No logs are sent
- The grid displays each Service Name (enum name) that supports debug logging and the current Log Level.
- Click Refresh at any time to display the latest information.
- Click Search to locate a specific service.