Re-direct log files

Answered Question
Jul 8th, 2009
User Badges:

Is there a way to redirect all of the log files that CiscoWorks Generate? For instance the syslog.log seems to be my biggest problem in that the shear size of it is very large and it takes up all 21 GB of free disk space then crashes my server. I then have to stop all services and relocate the file and restart everything.

Correct Answer by Martin Ermel about 7 years 11 months ago

If you want to change the syslog file location you can use the perl script NMSROOT/bin/ to do so.

More information is available here:

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Marvin Rhoads Wed, 07/08/2009 - 08:09
User Badges:
  • Super Silver, 17500 points or more
  • Cisco Designated VIP,

    2017 Firewalling, Network Management, VPN

The log file cannot be redirected to an alternate location or volume, but you can and should use the log rotation script ( to manage it. Search the online help for "logrot" to get more details

You can also purge old records, if you like. (Resource Manager Essentials > Admin > Syslog > Set Purge Policy) Immediate purges are also an option.

In the broader sense, you may want to track down the source of the syslog messages. Often, a few configuration errors are responsible for a high volume of messages. A proactive network operations staff may be able to track down these prblems and correct them, reducing the syslog messages to a more manageable number. Reduction of the volume of syslog messages attributable to configuration errors can be a useful metric to measure the effectiveness of the network operations staff.

Hope this helps. Please rate helpful posts.

scott.lorenzen@... Wed, 07/08/2009 - 08:22
User Badges:

Thank you for the reply. I have a script that does the each day in order to archive the logs off the system. I have also configured the Purge Policy accordingly and that is working.

I agree with your broader sense of things. This issue began when an outside individual began a report on a unit for more the 30 days. That report had been gathering syslog information on that unit and the data was overwhelming the server. Since this report has stopped the growth of the syslog.log is of normal size and no longer a factor.

Now just have to work on the security of the box to not allow this outside influence. Thanks.

Marvin Rhoads Wed, 07/08/2009 - 12:05
User Badges:
  • Super Silver, 17500 points or more
  • Cisco Designated VIP,

    2017 Firewalling, Network Management, VPN

Thanks for the catch , Martin. My mistake in my earlier response is noted. That feature is now reinforced in my memory. :)


This Discussion