cisco.ios.ios_logging_global – Logging resource module
Note
This plugin is part of the cisco.ios collection (version 2.5.0).
You might already have this collection installed if you are using the ansible
package. It is not included in ansible-core
. To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install cisco.ios
.
To use it in a playbook, specify: cisco.ios.ios_logging_global
.
New in version 2.2.0: of cisco.ios
Synopsis
- This module manages the logging attributes of Cisco IOS network devices
Note
This module has a corresponding action plugin.
Parameters
Parameter | Choices/Defaults | Comments | |||||
---|---|---|---|---|---|---|---|
config dictionary | A dictionary of logging options | ||||||
buffered dictionary | Set buffered logging parameters | ||||||
discriminator string | Establish MD-Buffer association | ||||||
filtered boolean |
| Enable filtered logging | |||||
severity string |
| Logging severity level | |||||
size integer | Logging buffer size | ||||||
xml boolean |
| Enable logging in XML to XML logging buffer | |||||
buginf boolean |
| Enable buginf logging for debugging | |||||
cns_events string |
| Set CNS Event logging level | |||||
console dictionary | Set console logging parameters | ||||||
discriminator string | Establish MD-Buffer association | ||||||
filtered boolean |
| Enable filtered logging | |||||
severity string |
| Logging severity level | |||||
xml boolean |
| Enable logging in XML to XML logging buffer | |||||
count boolean |
| Count every log message and timestamp last occurrence | |||||
delimiter dictionary | Append delimiter to syslog messages | ||||||
tcp boolean |
| Append delimiter to syslog messages over TCP | |||||
discriminator list / elements=string | Create or modify a message discriminator | ||||||
dmvpn dictionary | DMVPN Configuration | ||||||
rate_limit integer | rate in messages/minute, default is 600 messages/minute (1-10000) | ||||||
esm dictionary | Set ESM filter restrictions | ||||||
config boolean |
| Permit/Deny configuration changes from ESM filters | |||||
exception integer | Limit size of exception flush output (4096-2147483647) | ||||||
facility string |
| Facility parameter for syslog messages | |||||
filter list / elements=dictionary | Specify logging filter | ||||||
args string | Arguments passed to filter module. | ||||||
order integer | Order of filter execution | ||||||
url string | Filter Uniform Resource Locator | ||||||
history dictionary | Configure syslog history table | ||||||
severity string |
| Logging severity level | |||||
size integer | Logging buffer size | ||||||
hosts list / elements=dictionary | Set syslog server IP address and parameters | ||||||
discriminator string | Establish MD-Buffer association | ||||||
filtered boolean |
| Enable filtered logging | |||||
hostname string | IP address of the syslog server | ||||||
ipv6 string | Configure IPv6 syslog server | ||||||
sequence_num_session boolean |
| Include session sequence number tag in syslog message | |||||
session_id dictionary | Specify syslog message session ID tagging | ||||||
tag string |
| Include hostname in session ID tag | |||||
text string | Include custom string in session ID tag | ||||||
stream integer | This server should only receive messages from a numbered stream | ||||||
transport dictionary | Specify the transport protocol (default=UDP) | ||||||
tcp dictionary | Transport Control Protocol | ||||||
audit boolean |
| Set this host for IOS firewall audit logging | |||||
discriminator string | Establish MD-Buffer association | ||||||
filtered boolean |
| Enable filtered logging | |||||
port integer | Specify the TCP port number (default=601) (1 - 65535) | ||||||
sequence_num_session boolean |
| Include session sequence number tag in syslog message | |||||
session_id dictionary | Specify syslog message session ID tagging | ||||||
tag string |
| Include hostname in session ID tag | |||||
text string | Include custom string in session ID tag | ||||||
stream integer | This server should only receive messages from a numbered stream | ||||||
xml boolean |
| Enable logging in XML to XML logging buffer | |||||
udp dictionary | User Datagram Protocol | ||||||
discriminator string | Establish MD-Buffer association | ||||||
filtered boolean |
| Enable filtered logging | |||||
port integer | Specify the UDP port number (default=514) (1 - 65535) | ||||||
sequence_num_session boolean |
| Include session sequence number tag in syslog message | |||||
session_id dictionary | Specify syslog message session ID tagging | ||||||
tag string |
| Include hostname in session ID tag | |||||
text string | Include custom string in session ID tag | ||||||
stream integer | This server should only receive messages from a numbered stream | ||||||
xml boolean |
| Enable logging in XML to XML logging buffer | |||||
vrf string | Set VRF option | ||||||
xml boolean |
| Enable logging in XML to XML logging buffer | |||||
logging_on string |
| Enable logging to all enabled destinations | |||||
message_counter list / elements=string |
| Configure log message to include certain counter value | |||||
monitor dictionary | Set terminal line (monitor) logging parameters | ||||||
discriminator string | Establish MD-Buffer association | ||||||
filtered boolean |
| Enable filtered logging | |||||
severity string |
| Logging severity level | |||||
xml boolean |
| Enable logging in XML to XML logging buffer | |||||
origin_id dictionary | Add origin ID to syslog messages | ||||||
tag string |
| Include hostname in session ID tag | |||||
text string | Include custom string in session ID tag | ||||||
persistent dictionary | Set persistent logging parameters | ||||||
batch integer | Set batch size for writing to persistent storage (4096-2142715904) | ||||||
filesize integer | Set size of individual log files (4096-2142715904) | ||||||
immediate boolean |
| Write log entry to storage immediately (no buffering). | |||||
notify boolean |
| Notify when show logging [persistent] is activated. | |||||
protected boolean |
| Eliminates manipulation on logging-persistent files. | |||||
size integer | Set disk space for writing log messages (4096-2142715904) | ||||||
threshold integer | Set threshold for logging persistent | ||||||
url string | URL to store logging messages | ||||||
policy_firewall dictionary | Firewall configuration | ||||||
rate_limit integer | (0-3600) value in seconds, default is 30 Sec. | ||||||
queue_limit dictionary | Set logger message queue size | ||||||
esm integer | (100-2147483647) set new queue size | ||||||
size integer | (100-2147483647) set new queue size | ||||||
trap integer | (100-2147483647) set new queue size | ||||||
rate_limit dictionary | Set messages per second limit | ||||||
all boolean |
| (1-10000) message per second | |||||
console boolean |
| (1-10000) message per second | |||||
except_severity string |
| Messages of this severity or higher | |||||
size integer / required | (1-10000) message per second | ||||||
reload dictionary | Set reload logging level | ||||||
message_limit integer | Number of messages (1-4294967295) | ||||||
severity string |
| Logging severity level | |||||
server_arp boolean |
| Enable sending ARP requests for syslog servers when first configured | |||||
snmp_trap list / elements=string |
| Set syslog level for sending snmp trap | |||||
source_interface list / elements=dictionary | Specify interface for source address in logging transactions | ||||||
interface string | Interface name with number | ||||||
vrf string | VPN Routing/Forwarding instance name | ||||||
trap string |
| Set syslog server logging level | |||||
userinfo boolean |
| Enable logging of user info on privileged mode enabling | |||||
running_config string | This option is used only with state parsed. The value of this option should be the output received from the IOS device by executing the command show running-config | include logging. The state parsed reads the configuration from running_config option and transforms it into Ansible structured data as per the resource module's argspec and the value is then returned in the parsed key within the result. | ||||||
state string |
| The state the configuration should be left in With state replaced, for the listed logging configurations, that are in running-config and can have multiple set of commands but not in the task are negated. With state overridden, all configurations that are in running-config but not in the task are negated. Please refer to examples for more details. |
Notes
Note
- Tested against Cisco IOSv Version 15.6
- This module works with connection
network_cli
. See https://docs.ansible.com/ansible/latest/network/user_guide/platform_ios.html - The Configuration defaults of the Cisco IOS network devices are supposed to hinder idempotent behavior of plays
Examples
# Using state: merged # Before state: # ------------- # router-ios#show running-config | section logging # no logging exception # no logging buffered # no logging reload # no logging rate-limit # no logging console # no logging monitor # no logging cns-events # no logging trap - name: Apply the provided configuration cisco.ios.ios_logging_global: config: buffered: severity: notifications size: 5099 xml: True console: severity: critical xml: True facility: local5 hosts: - hostname: 172.16.1.12 - hostname: 172.16.1.11 xml: True - hostname: 172.16.1.10 filtered: True stream: 10 - hostname: 172.16.1.13 transport: tcp: port: 514 monitor: severity: warnings message_counter: log snmp_trap: - errors trap: errors userinfo: True policy_firewall: rate_limit: 10 logging_on: True exception: 4099 dmvpn: rate_limit: 10 cns_events: warnings state: merged # Commands Fired: # --------------- # "commands": [ # "logging buffered xml 5099 notifications", # "logging cns-events warnings", # "logging console xml critical", # "logging dmvpn rate-limit 10", # "logging exception 4099", # "logging facility local5", # "logging monitor warnings", # "logging on", # "logging policy-firewall rate-limit 10", # "logging trap errors", # "logging userinfo", # "logging host 172.16.1.12", # "logging host 172.16.1.10 filtered stream 10", # "logging host 172.16.1.13 transport tcp port 514", # "logging message-counter log", # "logging snmp-trap errors", # "logging host 172.16.1.11 xml" # ], # After state: # ------------ # router-ios#show running-config | section logging # logging exception 4099 # logging message-counter log # logging userinfo # logging buffered xml 5099 notifications # no logging reload # no logging rate-limit # logging console xml critical # logging monitor warnings # logging cns-events warnings # logging policy-firewall rate-limit 10 # logging dmvpn rate-limit 10 # logging trap errors # logging facility local5 # logging snmp-trap errors # logging snmp-trap warnings # logging host 172.16.1.13 transport tcp port 514 # logging host 172.16.1.11 xml # logging host 172.16.1.12 # logging host 172.16.1.10 filtered stream 10 # Using state: deleted # Before state: # ------------- # router-ios#show running-config | section logging # logging exception 4099 # logging message-counter log # logging userinfo # logging buffered xml 5099 notifications # no logging reload # no logging rate-limit # logging console xml critical # logging monitor warnings # logging cns-events warnings # logging policy-firewall rate-limit 10 # logging dmvpn rate-limit 10 # logging trap errors # logging facility local5 # logging snmp-trap errors # logging host 172.16.1.13 transport tcp port 514 # logging host 172.16.1.11 xml # logging host 172.16.1.12 # logging host 172.16.1.10 filtered stream 10 - name: Remove all existing configuration cisco.ios.ios_logging_global: state: deleted # Commands Fired: # --------------- # "commands": [ # "no logging message-counter log", # "no logging snmp-trap errors", # "no logging host 172.16.1.13", # "no logging host 172.16.1.11", # "no logging host 172.16.1.12", # "no logging host 172.16.1.10", # "no logging exception 4099", # "no logging userinfo", # "no logging buffered xml 5099 notifications", # "no logging console xml critical", # "no logging monitor warnings", # "no logging cns-events warnings", # "no logging policy-firewall rate-limit 10", # "no logging dmvpn rate-limit 10", # "no logging trap errors", # "no logging facility local5" # ], # After state: # ------------ # router-ios#show running-config | section logging # no logging exception # no logging buffered # no logging reload # no logging rate-limit # no logging console # no logging monitor # no logging cns-events # no logging trap # Using state: overridden # Before state: # ------------- # router-ios#show running-config | section logging # logging exception 4099 # logging message-counter log # logging userinfo # logging buffered 6000 critical # no logging reload # no logging rate-limit # logging console xml critical # logging monitor warnings # logging cns-events warnings # logging policy-firewall rate-limit 10 # logging dmvpn rate-limit 10 # logging trap errors # logging facility local6 # logging host 172.16.1.13 transport tcp port 514 # logging host 172.16.1.12 # logging host 172.16.1.10 filtered stream 10 # logging host 172.16.1.25 filtered - name: Override commands with provided configuration cisco.ios.ios_logging_global: config: hosts: - hostname: 172.16.1.27 filtered: True state: overridden # Commands Fired: # --------------- # "commands": [ # "no logging message-counter log", # "no logging host 172.16.1.12", # "no logging host 172.16.1.10", # "no logging host 172.16.1.13", # "no logging exception 4099", # "no logging userinfo", # "no logging console xml critical", # "no logging monitor warnings", # "no logging cns-events warnings", # "no logging policy-firewall rate-limit 10", # "no logging dmvpn rate-limit 10", # "no logging trap errors", # "no logging buffered 6000 critical", # "no logging facility local6", # "logging host 172.16.1.27 filtered", # ], # After state: # ------------ # router-ios#show running-config | section logging # no logging exception # no logging buffered # no logging reload # no logging rate-limit # no logging console # no logging monitor # no logging cns-events # no logging trap # logging host 172.16.1.27 filtered # Using state: replaced # Before state: # ------------- # router-ios#show running-config | section logging # logging exception 4099 # logging message-counter log # logging userinfo # logging buffered xml 5099 notifications # no logging reload # no logging rate-limit # logging console xml critical # logging monitor warnings # logging cns-events warnings # logging policy-firewall rate-limit 10 # logging dmvpn rate-limit 10 # logging trap errors # logging facility local5 # logging snmp-trap errors # logging host 172.16.1.13 transport tcp port 514 # logging host 172.16.1.11 xml # logging host 172.16.1.12 # logging host 172.16.1.10 filtered stream 10 - name: Replace commands with provided configuration cisco.ios.ios_logging_global: config: buffered: severity: alerts size: 6025 facility: local6 hosts: - hostname: 172.16.1.19 - hostname: 172.16.1.10 filtered: true stream: 15 state: replaced # Commands Fired: # --------------- # "commands": [ # "no logging host 172.16.1.13", # "no logging host 172.16.1.11", # "no logging host 172.16.1.12", # "no logging host 172.16.1.10", # "logging host 172.16.1.19", # "logging host 172.16.1.10 filtered stream 15", # "logging buffered 6025 alerts", # "logging facility local6" # ], # After state: # ------------ # router-ios#show running-config | section logging # logging exception 4099 # logging message-counter log # logging userinfo # logging buffered 6025 alerts # no logging reload # no logging rate-limit # logging console xml critical # logging monitor warnings # logging cns-events warnings # logging policy-firewall rate-limit 10 # logging dmvpn rate-limit 10 # logging trap errors # logging facility local6 # logging snmp-trap errors # logging host 172.16.1.19 # Using state: gathered # Before state: # ------------- #router-ios#show running-config | section logging # logging exception 4099 # logging message-counter log # logging userinfo # logging buffered xml 5099 notifications # no logging reload # no logging rate-limit # logging console xml critical # logging monitor warnings # logging cns-events warnings # logging policy-firewall rate-limit 10 # logging dmvpn rate-limit 10 # logging trap errors # logging facility local5 # logging snmp-trap errors # logging host 172.16.1.13 transport tcp port 514 # logging host 172.16.1.11 xml # logging host 172.16.1.12 # logging host 172.16.1.10 filtered stream 10 # logging host 172.16.1.25 filtered - name: Gather listed logging config cisco.ios.ios_logging_global: state: gathered # Module Execution Result: # ------------------------ # "gathered": { # "buffered": { # "severity": "notifications", # "size": 5099, # "xml": true # }, # "cns_events": "warnings", # "console": { # "severity": "critical", # "xml": true # }, # "dmvpn": { # "rate_limit": 10 # }, # "exception": 4099, # "facility": "local5", # "hosts": [ # { # "hostname": "172.16.1.11", # "xml": true # }, # { # "hostname": "172.16.1.12" # }, # { # "filtered": true, # "hostname": "172.16.1.10", # "stream": 10 # }, # { # "hostname": "172.16.1.13", # "transport": { # "tcp": { # "port": 514 # } # } # }, # { # "filtered": true, # "hostname": "172.16.1.25" # } # ], # "message_counter": [ # "log" # ], # "monitor": { # "severity": "warnings" # }, # "policy_firewall": { # "rate_limit": 10 # }, # "snmp_trap": [ # "errors" # ], # "trap": "errors", # "userinfo": true # }, # After state: # ------------- # router-ios#show running-config | section logging # logging exception 4099 # logging message-counter log # logging userinfo # logging buffered xml 5099 notifications # no logging reload # no logging rate-limit # logging console xml critical # logging monitor warnings # logging cns-events warnings # logging policy-firewall rate-limit 10 # logging dmvpn rate-limit 10 # logging trap errors # logging facility local5 # logging snmp-trap errors # logging host 172.16.1.13 transport tcp port 514 # logging host 172.16.1.11 xml # logging host 172.16.1.12 # logging host 172.16.1.10 filtered stream 10 # logging host 172.16.1.25 filtered # Using state: rendered - name: Render the commands for provided configuration cisco.ios.ios_logging_global: config: buffered: severity: notifications size: 5099 xml: True console: severity: critical xml: True facility: local5 hosts: - hostname: 172.16.1.12 - hostname: 172.16.1.11 xml: True - hostname: 172.16.1.10 filtered: True stream: 10 - hostname: 172.16.1.13 transport: tcp: port: 514 monitor: severity: warnings message_counter: log snmp_trap: errors trap: errors userinfo: True policy_firewall: rate_limit: 10 logging_on: True exception: 10 dmvpn: rate_limit: 10 cns_events: warnings state: rendered # Module Execution Result: # ------------------------ # "rendered": [ # "logging host 172.16.1.12", # "logging host 172.16.1.11 xml", # "logging host 172.16.1.10 filtered stream 10", # "logging host 172.16.1.13 transport tcp port 514", # "logging message-counter log", # "logging snmp-trap errors", # "logging buffered xml 5099 notifications", # "logging console xml critical", # "logging facility local5", # "logging monitor warnings", # "logging trap errors", # "logging userinfo", # "logging policy-firewall rate-limit 10", # "logging on", # "logging exception 10", # "logging dmvpn rate-limit 10", # "logging cns-events warnings" # ] # Using state: parsed # File: parsed.cfg # ---------------- # logging on # logging count # logging userinfo # logging trap errors # logging reload alerts # logging host 172.16.1.1 # logging exception 4099 # logging history alerts # logging facility local5 # logging snmp-trap errors # logging monitor warnings # logging origin-id hostname # logging host 172.16.1.11 xml # logging cns-events warnings # logging dmvpn rate-limit 10 # logging message-counter log # logging console xml critical # logging message-counter debug # logging persistent batch 4444 # logging host 172.16.1.25 filtered # logging source-interface GBit1/0 # logging source-interface CTunnel2 # logging policy-firewall rate-limit 10 # logging buffered xml 5099 notifications # logging rate-limit all 2 except warnings # logging host 172.16.1.10 filtered stream 10 # logging host 172.16.1.13 transport tcp port 514 # logging discriminator msglog01 severity includes 5 # logging filter tftp://172.16.2.18/ESM/elate.tcl args TESTInst2 # logging filter tftp://172.16.2.14/ESM/escalate.tcl args TESTInst - name: Parse the provided configuration with the existing running configuration cisco.ios.ios_logging_global: running_config: "{{ lookup('file', 'parsed.cfg') }}" state: parsed # Module Execution Result: # ------------------------ # "parsed": { # "buffered": { # "severity": "notifications", # "size": 5099, # "xml": true # }, # "cns_events": "warnings", # "console": { # "severity": "critical", # "xml": true # }, # "count": true, # "discriminator": [ # "msglog01 severity includes 5" # ], # "dmvpn": { # "rate_limit": 10 # }, # "exception": 4099, # "facility": "local5", # "filter": [ # { # "args": "TESTInst2", # "url": "tftp://172.16.2.18/ESM/elate.tcl" # }, # { # "args": "TESTInst", # "url": "tftp://172.16.2.14/ESM/escalate.tcl" # } # ], # "history": { # "severity": "alerts" # }, # "hosts": [ # { # "hostname": "172.16.1.1" # }, # { # "hostname": "172.16.1.11", # "xml": true # }, # { # "filtered": true, # "hostname": "172.16.1.25" # }, # { # "filtered": true, # "hostname": "172.16.1.10", # "stream": 10 # }, # { # "hostname": "172.16.1.13", # "transport": { # "tcp": { # "port": 514 # } # } # } # ], # "logging_on": "enable", # "message_counter": [ # "log", # "debug" # ], # "monitor": { # "severity": "warnings" # }, # "origin_id": { # "tag": "hostname" # }, # "persistent": { # "batch": 4444 # }, # "policy_firewall": { # "rate_limit": 10 # }, # "rate_limit": { # "all": true, # "except_severity": "warnings", # "size": 2 # }, # "reload": { # "severity": "alerts" # }, # "snmp_trap": [ # "errors" # ], # "source_interface": [ # { # "interface": "GBit1/0" # }, # { # "interface": "CTunnel2" # } # ], # "trap": "errors", # "userinfo": true # }
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
after dictionary | when changed | The resulting configuration model invocation. Sample: The configuration returned will always be in the same format of the parameters above. |
before dictionary | always | The configuration prior to the model invocation. Sample: The configuration returned will always be in the same format of the parameters above. |
commands list / elements=string | always | The set of commands pushed to the remote device. Sample: ['logging on', 'logging userinfo', 'logging trap errors', 'logging host 172.16.1.12', 'logging console xml critical', 'logging message-counter log', 'logging policy-firewall rate-limit 10'] |
Authors
- Sagar Paul (@KB-perByte)
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/cisco/ios/ios_logging_global_module.html