Solved: Monitor and console debugging

mahesh18 · ‎05-14-2008

Can some expalnin we what is Monitor

and consile debugging

Richard Burts · ‎05-14-2008

mahesh

I am not sure that I understand quite what you are asking here. So let me explain it this way and if that does not answer your question then perhaps you can clarify so that I can understand better and give a better answer.

In essence we are talking here about syslog. There are many system messages that can be written to syslog - including debug messages. Syslog messages can be sent to several different destinations including: to the console, to the logging monitor, and to the logging buffer. It is possible to configure a severity level of messages that will be written to each of these destinations. Assuming that the same severity level is configured then the content of syslog messages (including debug) sent to the console will be the same as the content of syslog messages sent to logging monitor, and the same as the content of syslog messages sent to logging buffer.

The main difference in these logging destinations is how you view the messages. If you are connected to the console you will see the logging messages displayed on the console in real time. If you have a remote session (telnet or SSH) and if you enter the command terminal monitor, then you will see the messages in your session in real time. Or the console or a remote session can use the command show log and will see the messages that have been previously written to the log (messages not viewed in real time).

HTH

Rick

HTH

Rick

View solution in original post

Richard Burts · ‎05-14-2008

mahesh

I am not clear what you are really asking. So let me explain a few things and if it does not answer your question then please clarify for us what you are asking.

debug is a diagnostic utility that runs on Cisco. It can analyze and display many aspects of the operation of the Cisco. The output from debug is sent to the console by default. You can control whether the console displays the debug output by controlling the severity level of messages sent to the console. For example if you were to configure this:

logging console info

then it will set the severity level to not show debug output. (note that the default is logging console debug which does include the debug output).

An option is to send debug output to the monitor, which makes the debug available to a telnet session. If you telnet to Cisco and then enter the command:

terminal monitor

then it will send copies of the debug output to your telnet session.

HTH

Rick

HTH

Rick

mahesh18 · ‎05-14-2008

Hi rick,

Thanks for reply .

So console debugging is when some one gets cosole connection to router and we can view

the debugs which command we use to view the console debugging?

I wanted to know basically what is console and monitor debug mean?Also buffer logging

is when router logs message to internal memory?which memory it stores buffer logging

and if we want to see output of buffer debugg

will it be shown by sh log command?

Richard Burts · ‎05-14-2008

mahesh

You can initiate debug from a session on the console or from a remote session on the vty ports (telnet or SSH). When debug is running it sends its output to the destinations that I discussed.

On the console the output is just displayed on the terminal. No command is required for this. Note that the console is a terminal that is direct wired to the console port of the Cisco.

the monitor displays its output (including debug output) in real time. It is intended for remote sessions on the vty ports (telnet or SSH) and monitor is not available on the console. The command to initiate display of monitor outout is terminal monitor.

logging buffer stores its output in memory that is dynamically allocated for this purpose. Its display is not real time (a difference from logging monitor) and is available for display after the debug has run. The command to see the messages in the logging buffer is show log.

HTH

Rick

HTH

Rick

mahesh18 · ‎05-14-2008

Hi Rick,

thanks for reply again.

so if someone enable the console debugging on

router.then case 1----no one has console connection to router console port of router

in this case we will see console debugging by --sh log on router?

Case2--console debugg is enabled and someone has console connection to router port in this

case output of console debugg will be on router?if on router then if i telent the router sametime will it show both console and monitor debugg?

Richard Burts · ‎05-14-2008

mahesh

in case 1 if no one has a connection on the console port then no one will see the console debug output. sh log will not show console output but will show logging buffer output.

Note that the content of debug output sent to the console is the same as the content of debug output sent to logging buffer.

in case 2 if someone has an active connection on the console then they will see the console debug output. If you then telnet to the router it will be a different session because telnet is a remote access and console is a local access. If you telnet then you can use terminal monitor to see the debug output in your telnet session. And yes both console output and monitor output can be shown at the same time.

HTH

Rick

HTH

Rick

mahesh18 · ‎05-14-2008

Hi rick

thanks for reply once again

so this line

Note that the content of debug output sent to the console is the same as the content of debug output sent to logging buffer.

this means that if some one has console debug on and console connection to router

the conents that user sees on his laptop is same as sh log buffer command??????????

Richard Burts · ‎05-14-2008

mahesh

I am not sure that I understand quite what you are asking here. So let me explain it this way and if that does not answer your question then perhaps you can clarify so that I can understand better and give a better answer.

In essence we are talking here about syslog. There are many system messages that can be written to syslog - including debug messages. Syslog messages can be sent to several different destinations including: to the console, to the logging monitor, and to the logging buffer. It is possible to configure a severity level of messages that will be written to each of these destinations. Assuming that the same severity level is configured then the content of syslog messages (including debug) sent to the console will be the same as the content of syslog messages sent to logging monitor, and the same as the content of syslog messages sent to logging buffer.

The main difference in these logging destinations is how you view the messages. If you are connected to the console you will see the logging messages displayed on the console in real time. If you have a remote session (telnet or SSH) and if you enter the command terminal monitor, then you will see the messages in your session in real time. Or the console or a remote session can use the command show log and will see the messages that have been previously written to the log (messages not viewed in real time).

HTH

Rick

HTH

Rick

mahesh18 · ‎05-14-2008

Hi rick

thanks for all your replies

many thanks

Richard Burts · ‎05-14-2008

mahesh

I am glad that my answers have been helpful for you. Thank you for using the rating system to indicate that your question was resolved (and thanks for the ratings). It makes the forum more useful when people can read a question and can know that there were responses that helped to resolve the question.

The forum is an excellent place to learn about Cisco networking. I encourage you to continue your participation in the forum.

HTH

Rick

HTH

Rick

mahesh18 · ‎05-14-2008

Hi Rick also one more thing

when i do sh log on router it shows

Monitor logging: level debugging, 84 messages logged, xml disabled,

filtering disabled

so this shows terminal monitor is enabled?

when i ran the command terminal monitor i get

these reply

14 14:37:50 extende: %SEC-6-IPACCESSLOGP: list DCOMinA permitted tcp 10.12.29.79(135) -> 10.10.144.54(3372), 1 packet

May 14 14:37:56 extende: %SEC-6-IPACCESSLOGP: list DCOMoutA permitted udp 10.6.49.58(0) -> 10.12.29.95(0), 1 packet

May 14 14:38:15 extende: %SEC-6-IPACCESSLOGP: list DCOMoutA permitted udp 10.37.2.13(0) -> 10.18.30.80(0), 1 packet

May 14 14:38:17 extende: %SEC-6-IPACCESSLOGP: list DCOMinA permitted udp 10.18.34.182(0) -> 10.37.2.13(0), 1 packet

May 14 14:38:19 extende: %SEC-6-IPACCESSLOGRL: access-list logging rate-limited or missed 7 packets

May 14 14:38:20 extende: %SEC-6-IPACCESSLOGP: list DCOMoutA denied tcp 10.50.17.35(1352) -> 10.12.214.159(1171), 1 packet

May 14 14:38:25 extende: %SEC-6-IPACCESSLOGP: list DCOMoutA permitted udp 10.37.2.13(0) -> 10.18.42.201(0), 1 packet

also when i do sh terminal command

i get this

sh terminal

Line 2, Location: "", Type: "XTERM"

Length: 70 lines, Width: 198 columns

Baud rate (TX/RX) is 9600/9600

Status: PSI Enabled, Ready, Active, No Exit Banner, Automore On

Capabilities: none

Modem state: Ready

Special Chars: Escape Hold Stop Start Disconnect Activation

^^x none - - none

Timeouts: Idle EXEC Idle Session Modem Answer Session Dispatch

00:12:00 00:30:00 none not set

Idle Session Disconnect Warning

never

Login-sequence User Response

00:00:30

Autoselect Initial Wait

not set

Modem type is unknown.

Session limit is not set.

Time since activation: 00:07:12

Editing is enabled.

History is enabled, history size is 20.

DNS resolution in show commands is enabled

Full user help is disabled

Allowed input transports are pad telnet rlogin mop v120 ssh.

Allowed output transports are pad telnet rlogin mop v120 ssh.

Preferred transport is telnet.

No output characters are padded

No special data dispatching characters

so my question is is termianl monitor configured on this router???????????

Many thanks

Richard Burts · ‎05-14-2008

mahesh

terminal monitor is certainly configured on that router. if terminal monitor were not configured you would not have gotten this output:

14 14:37:50 extende: %SEC-6-IPACCESSLOGP: list DCOMinA permitted tcp 10.12.29.79(135) -> 10.10.144.54(3372), 1 packet

May 14 14:37:56 extende: %SEC-6-IPACCESSLOGP: list DCOMoutA permitted udp 10.6.49.58(0) -> 10.12.29.95(0), 1 packet

May 14 14:38:15 extende: %SEC-6-IPACCESSLOGP: list DCOMoutA permitted udp 10.37.2.13(0) -> 10.18.30.80(0), 1 packet

May 14 14:38:17 extende: %SEC-6-IPACCESSLOGP: list DCOMinA permitted udp 10.18.34.182(0) -> 10.37.2.13(0), 1 packet

May 14 14:38:19 extende: %SEC-6-IPACCESSLOGRL: access-list logging rate-limited or missed 7 packets

May 14 14:38:20 extende: %SEC-6-IPACCESSLOGP: list DCOMoutA denied tcp 10.50.17.35(1352) -> 10.12.214.159(1171), 1 packet

May 14 14:38:25 extende: %SEC-6-IPACCESSLOGP: list DCOMoutA permitted udp 10.37.2.13(0) -> 10.18.42.201(0), 1 packet

So getting that output is a verification that terminal monitor (and logging monitor) are configured and active.

I am not sure why you are asking about the show terminal command. It has nothing to do with showing debug output on the terminal. show terminal just shows how the terminal port is set up and is operating.

HTH

Rick

HTH

Rick