When the unexpected happens, it is always good to know how to start investigation. Logs are definitely a valid starting point. They are the well-known and universally adopted approach to track and record events generated by an operating system or software running on top.

I need a log file

Log files provide a computer-generated list of occurrences, activities and operations on a system, itemized in a temporal order for ease of use. Therefore, logs can help with tracking messages and interaction between users and the communication interface of the device or program. Administrators can compare logs from different devices and get some additional insights, like determine the root cause of an issue. I’m sure all of us living in the internet age have accessed the history tab of their browser. Well, that is nothing more than a log file.

The importance and massive adoption of logs has prompted the development of standards. The Internet Engineering Task Force (IETF) syslog standard (RFC 5424) is a key example. This can be considered as a dedicated, standardized subsystem to generate, record, filter and analyze log messages. Being a standard, all software developers dealing with Information Technology (IT) products can refer and use it without having to design and code their own version.

The widespread adoption of logs has contributed to their variety. Logs can be categorized and differentiated as event logs, transaction logs, message logs or accounting logs.

The use of log files

Log files are often the primary data source for system observability. Real time use of log files allows for tracking the step-by-step execution of a process. The postmortem analysis of log files helps determine where the process halted, what error was encountered, or which administrator committed a specific action (auditing).

Log files serve multiple purposes, and their monitoring and analysis can benefit an organization in several ways. It can improve the reliability of a system, it can help in sizing system resources for a better user experience, it can boost performance by identifying execution bottlenecks, it can help to maintain the security posture and detect data breaches, it can improve business decision-making and much more. Often, logs represent the starting point and main source of information for troubleshooting anomalous behaviors or poor performance.

Collecting logs on MDS 9000

Recently we on-boarded a new enterprise corporation. They decided to replace their obsolete non-Cisco 16G network and adopt MDS 9700 technology at 32G.  One of their storage administrators asked me these questions:

  • what is the best way to collect logs from MDS 9000 switches?
  • what logs are the most useful in what situation? (yes, there are many logs, not a single one).

Though the Cisco MDS NX-OS configuration guides offer lots of details, I have to admit they are a bit dry. Moreover they fail to provide the value of hands-on experience beyond the facts and commands. For this reason, and with some colleagues, I decided to write a technical note on this topic. Above all, we explain the basic concepts about logs and tech-support. In addition, we offer a step-by-step guide that would drive you to an easier and successful interaction with the Cisco support team (TAC). Please review the new technical notes to access the guide.

The Cisco TAC coming to the rescue

The Cisco Technical Assistance Center (TAC) is an award-winning group within Cisco Customer Experience (CX) organization. The team provides unparalleled technical support service to Cisco customers, partners, resellers and distributors. They have a mission: help and support users and installers of Cisco products when they feel they need some. For this reason, and to best meet customer’s needs, TAC provides around-the-clock support in multiple ways, including online or via email/phone. You can stay reassured you will get technical support delivered by world-class experts and guided by analytics/insights from solving millions of cases worldwide, every year.

If you love history and want to discover the roots and origin of Cisco TAC and the role of a TAC engineer, this 1-hour long podcast could be for you.

Cisco TAC Engineer Role


Hopefully the new technical document includes some non-trivial information that could serve you well in the rare situation you would need support about the MDS 9000 family. Your positive feedback on the usefulness and quality of this content will prompt us to consider future updates and describe alternative options.



Collecting logs from Cisco MDS 9000 Switches and DCNM


Fausto Vaninetti

Technical Solutions Architect

EMEAR Specialists - Datacenter