Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

Understanding logging with a WLC

Hi all,

We have a 2500 controller with about 30 AP's (a few different models but mostly cleanair).

Can someone explain the difference between the various logs on the WLC and how I can get all of these logs to log to a syslog server?


The reason for the above interest in logging is that we have issues with some clients dropping off and not connecting back.

The main logs that seem to be of interest on the WLC are the; trap and messages log. But when I turn on syslog on the controller I don't get the information that I see in the trap and message logs.

I can see the particular devices that are experiencing dropouts appear in the message logs and the devices are being excluded e.g...  "#APF-6-MOBILE_EXCLUDED: apf_ms.c:5906 Excluded the mobile"

What I would like to do is work out why these devices are being excluded. I can see in the trap log for the excluded devices I get these messages...

Client Authentication Failure: MACAddress:xx.xx.xx.xx.xx.xx Base Radio MAC:34:dbxx.xx.xx.xx:d0 Slot: 0 User Name: unknown Ip Address: unknown Reason:Unspecified  ReasonCode: 1

So it looks like if I could get all of the logging to appear in one central place I may have a chance of getting to the bottom of what was going on, but it seems very confusing with logs being in a range of different places.




Hi,Go through the link below


Go through the link below.

New Member

Thanks Abwahid,That tells me

Thanks Abwahid,

That tells me how to turn on logging for an AP. But I was more interested in understanding the difference between the different logs - e.g. message log versus trap log. And if I do turn on logging as you suggested which log am I turning on syslog for trap or message (ideally I want both).



System logging allows

System logging allows controllers to log their system events to up to three remote syslog servers. The controller sends a copy of each syslog message as it is logged to each syslog server configured on the controller. Being able to send the syslog messages to multiple servers ensures that the messages are not lost due to the temporary unavailability of one syslog server. Message logging allows system messages to be logged to the controller buffer or console.

You can use the controller GUI or CLI to configure system and message logging.

For more information please refer to the link-

CreatePlease to create content