Manualshelf

Brocade Fabric OS Message Reference - Supporting Fabric OS v5.3.0 (53-1000437-01, June 2007)

ManualsBrandsHP ManualsStorageHP StorageWorks Multiprotocol Full 16-port Router
41424344454647484950
2 Fabric OS Message Reference
53-1000437-01
Overview of System Messages
1
Messages are numbered sequentially from 1 to 2,147,483,647 (0x7ffffff). The sequence
number will continue to increase beyond the storage limit of 1024 messages. The sequence
number can be reset to 1 using the errClear command. The sequence number is persistent
across power cycles and switch reboots.
By default, the errDump and errShow commands display all of the system error messages.
Trace dump, first-time failure detection capture (FFDC), and core dump files can be uploaded
to the FTP server using the supportSave command.
It is recommended to configure the syslogd facility as a management tool for error logs. This is
particularly important for dual-domain switches, as the syslogd facility saves messages from
two logical switches as a single file and in sequential order. See “System Logging Daemon
(syslogd)” on page 3 for more information.
EVENT AUDITING
Event auditing is designed to support post-event audtis and problem determination based on
high-frequency events of certain types such as security violations, zoning configuration changes,
firmware downloads, and certain types of fabric events. Pre-Fabric OS v5.2.0 generated a subset of
messages flagged as AUDIT in the RASLog to identify some of this type of output in addition to error
log messages. In Fabric OS v5.2.0 and later, messages flagged as AUDIT are no longer saved in the
switch’s error logs. Instead, the switch can be configured to stream Audit messages to the switch
console and to forward the messages to specified syslog server(s). There is no limit to the number
of audit events.
For any given event, AUDIT messages capture the following information:
User Name: The name of the user who triggered the action.
User Role: for example, root or admin.
Event Name: The name of the event that occurred.
Status: The status of the event that occurred: success or failure.
Event Info: Information about the event.
The following five event classes can be audited:
TABLE 1
Operand Event Class Description
1 Zone You can audit zone event configuration changes, but not the actual
values that were changed. For example, you may receive a message
that states “Zone configuration has changed,” but the message
does not display the actual values that were changed.
2 Security Security: You can audit any user-initiated security event for all
management interfaces. For events that have an impact on the
entire fabric, an audit is only generated for the switch from which the
event was initiated.
3 Configuration Configuration: You can audit configuration downloads of existing
SNMP configuration parameters. Configuration uploads are not
audited.
4 Firmware You can audit configuration downloads of existing SNMP
configuration parameters. Configuration uploads are not audited.
5 Fabric You can audit Administration Domain related changes.