cisco.ios.ios_logging_global module – Resource module to configure logging.
Note
This module is part of the cisco.ios collection (version 9.0.3).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install cisco.ios
.
To use it in a playbook, specify: cisco.ios.ios_logging_global
.
New in cisco.ios 2.2.0
Synopsis
This module manages the logging attributes of Cisco IOS network devices
Parameters
Parameter |
Comments |
---|---|
A dictionary of logging options |
|
Set buffered logging parameters |
|
Establish MD-Buffer association |
|
Enable filtered logging Choices:
|
|
Logging severity level Idempotency is not maintained for this attribute for the value ‘debugging’ since this value is not shown in running-config. Choices:
|
|
Logging buffer size |
|
Enable logging in XML to XML logging buffer Choices:
|
|
Enable buginf logging for debugging Choices:
|
|
Set CNS Event logging level Choices:
|
|
Set console logging parameters |
|
Establish MD-Buffer association |
|
Enable filtered logging Choices:
|
|
Logging severity level Choices:
|
|
Enable logging in XML to XML logging buffer Choices:
|
|
Count every log message and timestamp last occurrence Choices:
|
|
Append delimiter to syslog messages |
|
Append delimiter to syslog messages over TCP Choices:
|
|
Create or modify a message discriminator |
|
DMVPN Configuration |
|
rate in messages/minute, default is 600 messages/minute (1-10000) |
|
Set ESM filter restrictions |
|
Permit/Deny configuration changes from ESM filters Choices:
|
|
Limit size of exception flush output (4096-2147483647) |
|
Facility parameter for syslog messages Choices:
|
|
Specify logging filter |
|
Arguments passed to filter module. |
|
Order of filter execution |
|
Filter Uniform Resource Locator |
|
Configure syslog history table |
|
Logging severity level Idempotency is not maintained for this attribute for the value ‘debugging’ since this value is not shown in running-config. Choices:
|
|
Logging buffer size |
|
Set syslog server IP address and parameters |
|
Establish MD-Buffer association |
|
Enable filtered logging Choices:
|
|
IP address of the syslog server |
|
Configure IPv6 syslog server |
|
Include session sequence number tag in syslog message Choices:
|
|
Specify syslog message session ID tagging |
|
Include hostname in session ID tag Choices:
|
|
Include custom string in session ID tag |
|
This server should only receive messages from a numbered stream |
|
Specify the transport protocol (default=UDP) |
|
Transport Control Protocol |
|
Set this host for IOS firewall audit logging Choices:
|
|
Establish MD-Buffer association |
|
Enable filtered logging Choices:
|
|
Specify the TCP port number (default=601) (1 - 65535) |
|
Include session sequence number tag in syslog message Choices:
|
|
Specify syslog message session ID tagging |
|
Include hostname in session ID tag Choices:
|
|
Include custom string in session ID tag |
|
This server should only receive messages from a numbered stream |
|
Enable logging in XML to XML logging buffer Choices:
|
|
User Datagram Protocol |
|
Establish MD-Buffer association |
|
Enable filtered logging Choices:
|
|
Specify the UDP port number (default=514) (1 - 65535) |
|
Include session sequence number tag in syslog message Choices:
|
|
Specify syslog message session ID tagging |
|
Include hostname in session ID tag Choices:
|
|
Include custom string in session ID tag |
|
This server should only receive messages from a numbered stream |
|
Enable logging in XML to XML logging buffer Choices:
|
|
Set VRF option |
|
Enable logging in XML to XML logging buffer Choices:
|
|
Enable logging to all enabled destinations Choices:
|
|
Configure log message to include certain counter value Choices:
|
|
Set terminal line (monitor) logging parameters |
|
Establish MD-Buffer association |
|
Enable filtered logging Choices:
|
|
Logging severity level Idempotency is not maintained for this attribute for the value ‘debugging’ since this value is not shown in running-config. Choices:
|
|
Enable logging in XML to XML logging buffer Choices:
|
|
Add origin ID to syslog messages |
|
Include hostname in session ID tag Choices:
|
|
Include custom string in session ID tag |
|
Set persistent logging parameters |
|
Set batch size for writing to persistent storage (4096-2142715904) |
|
Set size of individual log files (4096-2142715904) |
|
Write log entry to storage immediately (no buffering). Choices:
|
|
Notify when show logging [persistent] is activated. Choices:
|
|
Eliminates manipulation on logging-persistent files. Choices:
|
|
Set disk space for writing log messages (4096-2142715904) |
|
Set threshold for logging persistent |
|
URL to store logging messages |
|
Firewall configuration |
|
(0-3600) value in seconds, default is 30 Sec. |
|
Set logger message queue size |
|
(100-2147483647) set new queue size |
|
(100-2147483647) set new queue size |
|
(100-2147483647) set new queue size |
|
Set messages per second limit |
|
(1-10000) message per second Choices:
|
|
(1-10000) message per second Choices:
|
|
Messages of this severity or higher Choices:
|
|
(1-10000) message per second |
|
Set reload logging level |
|
Number of messages (1-4294967295) |
|
Logging severity level Idempotency is not maintained for this attribute for the value ‘debugging’ since this value is not shown in running-config. Choices:
|
|
Enable sending ARP requests for syslog servers when first configured Choices:
|
|
Set syslog level for sending snmp trap Choices:
|
|
Specify interface for source address in logging transactions |
|
Interface name with number |
|
VPN Routing/Forwarding instance name |
|
Set syslog server logging level Choices:
|
|
Enable logging of user info on privileged mode enabling Choices:
|
|
This option is used only with state parsed. The value of this option should be the output received from the IOS device by executing the command show running-config | include logging. The state parsed reads the configuration from |
|
The state the configuration should be left in With state replaced, for the listed logging configurations, that are in running-config and can have multiple set of commands but not in the task are negated. With state overridden, all configurations that are in running-config but not in the task are negated. Please refer to examples for more details. Choices:
|
Notes
Note
Tested against Cisco IOSXE Version 17.3 on CML.
This module works with connection
network_cli
. See https://docs.ansible.com/ansible/latest/network/user_guide/platform_ios.htmlThe Configuration defaults of the Cisco IOS network devices are supposed to hinder idempotent behavior of plays
Examples
# Using state: merged
# Before state:
# -------------
# router-ios#show running-config | section logging
# no logging exception
# no logging buffered
# no logging reload
# no logging rate-limit
# no logging console
# no logging monitor
# no logging cns-events
# no logging trap
- name: Apply the provided configuration
cisco.ios.ios_logging_global:
config:
buffered:
severity: notifications
size: 5099
xml: true
console:
severity: critical
xml: true
facility: local5
hosts:
- hostname: 172.16.1.12
- hostname: 172.16.1.11
xml: true
- hostname: 172.16.1.10
filtered: true
stream: 10
- hostname: 172.16.1.13
transport:
tcp:
port: 514
monitor:
severity: warnings
message_counter: log
snmp_trap:
- errors
trap: errors
userinfo: true
policy_firewall:
rate_limit: 10
logging_on: enable
exception: 4099
dmvpn:
rate_limit: 10
cns_events: warnings
state: merged
# Commands Fired:
# ---------------
# "commands": [
# "logging buffered xml 5099 notifications",
# "logging cns-events warnings",
# "logging console xml critical",
# "logging dmvpn rate-limit 10",
# "logging exception 4099",
# "logging facility local5",
# "logging monitor warnings",
# "logging on",
# "logging policy-firewall rate-limit 10",
# "logging trap errors",
# "logging userinfo",
# "logging host 172.16.1.12",
# "logging host 172.16.1.10 filtered stream 10",
# "logging host 172.16.1.13 transport tcp port 514",
# "logging message-counter log",
# "logging snmp-trap errors",
# "logging host 172.16.1.11 xml"
# ],
# After state:
# ------------
# router-ios#show running-config | section logging
# logging exception 4099
# logging message-counter log
# logging userinfo
# logging buffered xml 5099 notifications
# no logging reload
# no logging rate-limit
# logging console xml critical
# logging monitor warnings
# logging cns-events warnings
# logging policy-firewall rate-limit 10
# logging dmvpn rate-limit 10
# logging trap errors
# logging facility local5
# logging snmp-trap errors
# logging snmp-trap warnings
# logging host 172.16.1.13 transport tcp port 514
# logging host 172.16.1.11 xml
# logging host 172.16.1.12
# logging host 172.16.1.10 filtered stream 10
# Using state: deleted
# Before state:
# -------------
# router-ios#show running-config | section logging
# logging exception 4099
# logging message-counter log
# logging userinfo
# logging buffered xml 5099 notifications
# no logging reload
# no logging rate-limit
# logging console xml critical
# logging monitor warnings
# logging cns-events warnings
# logging policy-firewall rate-limit 10
# logging dmvpn rate-limit 10
# logging trap errors
# logging facility local5
# logging snmp-trap errors
# logging host 172.16.1.13 transport tcp port 514
# logging host 172.16.1.11 xml
# logging host 172.16.1.12
# logging host 172.16.1.10 filtered stream 10
- name: Remove all existing configuration
cisco.ios.ios_logging_global:
state: deleted
# Commands Fired:
# ---------------
# "commands": [
# "no logging message-counter log",
# "no logging snmp-trap errors",
# "no logging host 172.16.1.13",
# "no logging host 172.16.1.11",
# "no logging host 172.16.1.12",
# "no logging host 172.16.1.10",
# "no logging exception 4099",
# "no logging userinfo",
# "no logging buffered xml 5099 notifications",
# "no logging console xml critical",
# "no logging monitor warnings",
# "no logging cns-events warnings",
# "no logging policy-firewall rate-limit 10",
# "no logging dmvpn rate-limit 10",
# "no logging trap errors",
# "no logging facility local5"
# ],
# After state:
# ------------
# router-ios#show running-config | section logging
# no logging exception
# no logging buffered
# no logging reload
# no logging rate-limit
# no logging console
# no logging monitor
# no logging cns-events
# no logging trap
# Using state: overridden
# Before state:
# -------------
# router-ios#show running-config | section logging
# logging exception 4099
# logging message-counter log
# logging userinfo
# logging buffered 6000 critical
# no logging reload
# no logging rate-limit
# logging console xml critical
# logging monitor warnings
# logging cns-events warnings
# logging policy-firewall rate-limit 10
# logging dmvpn rate-limit 10
# logging trap errors
# logging facility local6
# logging host 172.16.1.13 transport tcp port 514
# logging host 172.16.1.12
# logging host 172.16.1.10 filtered stream 10
# logging host 172.16.1.25 filtered
- name: Override commands with provided configuration
cisco.ios.ios_logging_global:
config:
hosts:
- hostname: 172.16.1.27
filtered: true
state: overridden
# Commands Fired:
# ---------------
# "commands": [
# "no logging message-counter log",
# "no logging host 172.16.1.12",
# "no logging host 172.16.1.10",
# "no logging host 172.16.1.13",
# "no logging exception 4099",
# "no logging userinfo",
# "no logging console xml critical",
# "no logging monitor warnings",
# "no logging cns-events warnings",
# "no logging policy-firewall rate-limit 10",
# "no logging dmvpn rate-limit 10",
# "no logging trap errors",
# "no logging buffered 6000 critical",
# "no logging facility local6",
# "logging host 172.16.1.27 filtered",
# ],
# After state:
# ------------
# router-ios#show running-config | section logging
# no logging exception
# no logging buffered
# no logging reload
# no logging rate-limit
# no logging console
# no logging monitor
# no logging cns-events
# no logging trap
# logging host 172.16.1.27 filtered
# Using state: replaced
# Before state:
# -------------
# router-ios#show running-config | section logging
# logging exception 4099
# logging message-counter log
# logging userinfo
# logging buffered xml 5099 notifications
# no logging reload
# no logging rate-limit
# logging console xml critical
# logging monitor warnings
# logging cns-events warnings
# logging policy-firewall rate-limit 10
# logging dmvpn rate-limit 10
# logging trap errors
# logging facility local5
# logging snmp-trap errors
# logging host 172.16.1.13 transport tcp port 514
# logging host 172.16.1.11 xml
# logging host 172.16.1.12
# logging host 172.16.1.10 filtered stream 10
- name: Replace commands with provided configuration
cisco.ios.ios_logging_global:
config:
buffered:
severity: alerts
size: 6025
facility: local6
hosts:
- hostname: 172.16.1.19
- hostname: 172.16.1.10
filtered: true
stream: 15
state: replaced
# Commands Fired:
# ---------------
# "commands": [
# "no logging host 172.16.1.13",
# "no logging host 172.16.1.11",
# "no logging host 172.16.1.12",
# "no logging host 172.16.1.10",
# "logging host 172.16.1.19",
# "logging host 172.16.1.10 filtered stream 15",
# "logging buffered 6025 alerts",
# "logging facility local6"
# ],
# After state:
# ------------
# router-ios#show running-config | section logging
# logging exception 4099
# logging message-counter log
# logging userinfo
# logging buffered 6025 alerts
# no logging reload
# no logging rate-limit
# logging console xml critical
# logging monitor warnings
# logging cns-events warnings
# logging policy-firewall rate-limit 10
# logging dmvpn rate-limit 10
# logging trap errors
# logging facility local6
# logging snmp-trap errors
# logging host 172.16.1.19
# Using state: gathered
# Before state:
# -------------
# router-ios#show running-config | section logging
# logging exception 4099
# logging message-counter log
# logging userinfo
# logging buffered xml 5099 notifications
# no logging reload
# no logging rate-limit
# logging console xml critical
# logging monitor warnings
# logging cns-events warnings
# logging policy-firewall rate-limit 10
# logging dmvpn rate-limit 10
# logging trap errors
# logging facility local5
# logging snmp-trap errors
# logging host 172.16.1.13 transport tcp port 514
# logging host 172.16.1.11 xml
# logging host 172.16.1.12
# logging host 172.16.1.10 filtered stream 10
# logging host 172.16.1.25 filtered
- name: Gather listed logging config
cisco.ios.ios_logging_global:
state: gathered
# Module Execution Result:
# ------------------------
# "gathered": {
# "buffered": {
# "severity": "notifications",
# "size": 5099,
# "xml": true
# },
# "cns_events": "warnings",
# "console": {
# "severity": "critical",
# "xml": true
# },
# "dmvpn": {
# "rate_limit": 10
# },
# "exception": 4099,
# "facility": "local5",
# "hosts": [
# {
# "hostname": "172.16.1.11",
# "xml": true
# },
# {
# "hostname": "172.16.1.12"
# },
# {
# "filtered": true,
# "hostname": "172.16.1.10",
# "stream": 10
# },
# {
# "hostname": "172.16.1.13",
# "transport": {
# "tcp": {
# "port": 514
# }
# }
# },
# {
# "filtered": true,
# "hostname": "172.16.1.25"
# }
# ],
# "message_counter": [
# "log"
# ],
# "monitor": {
# "severity": "warnings"
# },
# "policy_firewall": {
# "rate_limit": 10
# },
# "snmp_trap": [
# "errors"
# ],
# "trap": "errors",
# "userinfo": true
# },
# After state:
# -------------
# router-ios#show running-config | section logging
# logging exception 4099
# logging message-counter log
# logging userinfo
# logging buffered xml 5099 notifications
# no logging reload
# no logging rate-limit
# logging console xml critical
# logging monitor warnings
# logging cns-events warnings
# logging policy-firewall rate-limit 10
# logging dmvpn rate-limit 10
# logging trap errors
# logging facility local5
# logging snmp-trap errors
# logging host 172.16.1.13 transport tcp port 514
# logging host 172.16.1.11 xml
# logging host 172.16.1.12
# logging host 172.16.1.10 filtered stream 10
# logging host 172.16.1.25 filtered
# Using state: rendered
- name: Render the commands for provided configuration
cisco.ios.ios_logging_global:
config:
buffered:
severity: notifications
size: 5099
xml: true
console:
severity: critical
xml: true
facility: local5
hosts:
- hostname: 172.16.1.12
- hostname: 172.16.1.11
xml: true
- hostname: 172.16.1.10
filtered: true
stream: 10
- hostname: 172.16.1.13
transport:
tcp:
port: 514
monitor:
severity: warnings
message_counter: log
snmp_trap: errors
trap: errors
userinfo: true
policy_firewall:
rate_limit: 10
logging_on: enable
exception: 10
dmvpn:
rate_limit: 10
cns_events: warnings
state: rendered
# Module Execution Result:
# ------------------------
# "rendered": [
# "logging host 172.16.1.12",
# "logging host 172.16.1.11 xml",
# "logging host 172.16.1.10 filtered stream 10",
# "logging host 172.16.1.13 transport tcp port 514",
# "logging message-counter log",
# "logging snmp-trap errors",
# "logging buffered xml 5099 notifications",
# "logging console xml critical",
# "logging facility local5",
# "logging monitor warnings",
# "logging trap errors",
# "logging userinfo",
# "logging policy-firewall rate-limit 10",
# "logging on",
# "logging exception 10",
# "logging dmvpn rate-limit 10",
# "logging cns-events warnings"
# ]
# Using state: parsed
# File: parsed.cfg
# ----------------
# logging on
# logging count
# logging userinfo
# logging trap errors
# logging reload alerts
# logging host 172.16.1.1
# logging exception 4099
# logging history alerts
# logging facility local5
# logging snmp-trap errors
# logging monitor warnings
# logging origin-id hostname
# logging host 172.16.1.11 xml
# logging cns-events warnings
# logging dmvpn rate-limit 10
# logging message-counter log
# logging console xml critical
# logging message-counter debug
# logging persistent batch 4444
# logging host 172.16.1.25 filtered
# logging source-interface GBit1/0
# logging source-interface CTunnel2
# logging policy-firewall rate-limit 10
# logging buffered xml 5099 notifications
# logging rate-limit all 2 except warnings
# logging host 172.16.1.10 filtered stream 10
# logging host 172.16.1.13 transport tcp port 514
# logging discriminator msglog01 severity includes 5
# logging filter tftp://172.16.2.18/ESM/elate.tcl args TESTInst2
# logging filter tftp://172.16.2.14/ESM/escalate.tcl args TESTInst
- name: Parse the provided configuration with the existing running configuration
cisco.ios.ios_logging_global:
running_config: "{{ lookup('file', 'parsed.cfg') }}"
state: parsed
# Module Execution Result:
# ------------------------
# "parsed": {
# "buffered": {
# "severity": "notifications",
# "size": 5099,
# "xml": true
# },
# "cns_events": "warnings",
# "console": {
# "severity": "critical",
# "xml": true
# },
# "count": true,
# "discriminator": [
# "msglog01 severity includes 5"
# ],
# "dmvpn": {
# "rate_limit": 10
# },
# "exception": 4099,
# "facility": "local5",
# "filter": [
# {
# "args": "TESTInst2",
# "url": "tftp://172.16.2.18/ESM/elate.tcl"
# },
# {
# "args": "TESTInst",
# "url": "tftp://172.16.2.14/ESM/escalate.tcl"
# }
# ],
# "history": {
# "severity": "alerts"
# },
# "hosts": [
# {
# "hostname": "172.16.1.1"
# },
# {
# "hostname": "172.16.1.11",
# "xml": true
# },
# {
# "filtered": true,
# "hostname": "172.16.1.25"
# },
# {
# "filtered": true,
# "hostname": "172.16.1.10",
# "stream": 10
# },
# {
# "hostname": "172.16.1.13",
# "transport": {
# "tcp": {
# "port": 514
# }
# }
# }
# ],
# "logging_on": "enable",
# "message_counter": [
# "log",
# "debug"
# ],
# "monitor": {
# "severity": "warnings"
# },
# "origin_id": {
# "tag": "hostname"
# },
# "persistent": {
# "batch": 4444
# },
# "policy_firewall": {
# "rate_limit": 10
# },
# "rate_limit": {
# "all": true,
# "except_severity": "warnings",
# "size": 2
# },
# "reload": {
# "severity": "alerts"
# },
# "snmp_trap": [
# "errors"
# ],
# "source_interface": [
# {
# "interface": "GBit1/0"
# },
# {
# "interface": "CTunnel2"
# }
# ],
# "trap": "errors",
# "userinfo": true
# }
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key |
Description |
---|---|
The resulting configuration model invocation. Returned: when changed Sample: |
|
The configuration prior to the model invocation. Returned: always Sample: |
|
The set of commands pushed to the remote device. Returned: always Sample: |