-
Cisco IOS Network Management Command Reference
-
Introduction
-
absolute through action snmp-trap
-
action string compare through buffers tune automatic
-
calendar set through clock update-calendar
-
cns aaa authentication through discover (cns)
-
emm through event manager scheduler script
-
event manager scheduler suspend through hw-module logging onboard (Cat 6K)
-
idle-timeout (WSMA) through ip director server weights
-
ip dns server through kron policy-list
-
line-cli through logging userinfo
-
major rising through ntp update-calendar
-
object id (action notification) through rmon queuesize
-
sample (expression) through show ethernet oam status
-
show event manager detector through show event manager session cli username
-
show facility-alarm through show ntp status
-
show odm-format through show rmon topn
-
show snmp through snmp mib event sample
-
snmp mib event trigger owner through snmp-server enable informs
-
snmp-server enable traps through snmp-server enable traps ospf cisco-specific retransmit
-
snmp-server enable traps ospf cisco-specific state-change through snmp-server enable traps voice poor-qov
-
snmp-server engineID local through snmp trap link-status
-
sntp broadcast client through xsm vdm
-
Feedback
Table Of Contents
show ip http client connection
show ip http client secure status
show ip http client session-module
show ip http server secure status
show monitor event-trace cpu-report
show facility-alarm
To display the status of a generated alarm, use the show facility-alarm command in privileged EXEC mode.
show facility-alarm {status [severity] | relay}
Cisco ASR 1000 Series Routers
show facility-alarm status [severity]
Syntax Description
Command Default
Command Modes
Privileged EXEC (#)
Command History
Usage Guidelines
When a severity level is configured, statuses of alarms at that level and higher are shown. For example, when you set a severity of major, all major and critical alarms are shown.
Examples
The following is sample output from the show facility-alarm status command:
Router# show facility-alarm statusSystem Totals Critical:1 Major:0 Minor:0Source Severity Description [Index]------ -------- -------------------Fa0/0 CRITICAL Physical Port Link Down [0]Fa1/0 INFO Physical Port Administrative State Down [1]The following is a sample output from the show facility-alarm status command with a severity level set at major:Router# show facility-alarm status majorSystem Totals Critical:1 Major:0 Minor:0Source Severity Description [Index]------ -------- -------------------Fa0/0 CRITICAL Physical Port Link Down [0]Table 54 describes the significant fields shown in the displays.
Related Commands
clear facility-alarm
Clears alarm conditions and resets the alarm contacts.
facility-alarm
Configures threshold temperatures for minor, major, and critical alarms.
show format
To display a fully expanded list of commands that have a spec file entry (SFE), display the SFE of a specific command, or validate a specific spec file, use the show format command in privileged EXEC mode.
show format [built-in | location:local-filename] [cli command | validate]
Syntax Description
Command Modes
Privileged EXEC (#)
Command History
Usage Guidelines
Use the show format command to display an index of commands that have an SFE in the spec file, display the SFE of a specific command, or validate a spec file. The SFE of any command is in XML format.
Use the show format command to display an index of commands with an SFE in the current spec file. Some commands have an SFE in the built-in spec file of the image. Use the show format built-in command to display an index of the commands with an SFE in the built-in spec file.
To display the SFE for a specific command in the built-in spec file, use the show format built-in cli command command. For example, if show inventory is present in the built-in spec file, then show format built-in cli show inventory command will display the spec entry for this Command Line Interface (CLI). To display the SFE for a specific command in a specific spec file, use the show format location:local-filename cli command command.
To validate the built-in spec file use the show format built-in validate command. To validate a specific spec file use the show format location:local-filename validate command.
Examples
The following example displays the list of commands that have SFEs in the built-in spec file of the image:
Router# show format built-inThe following CLI are supported in built-inshow inventoryshow ip interface briefThe following example shows a list of fully expanded command names that have spec files in the spec3.3.odm file. A message is attached that lists an incorrectly defined command.
Router# show format slot0:spec3.3.odmThe following CLI are supported in slot0:spec3.3.odmshow arpshow bootvarshow cdp neighbors detailshow contextshow flash:show interfaces*show interfacesshow inventoryshow ip interface*show ip interface briefshow ip nat translationsshow line valueshow lineshow processes memoryshow regionshow spanning-treeshow stacksThe following CLI are IGNORED (incorrectly entered) in slot0:spec3.3.odmshow async statusThe following example shows the output when the spec entry for a particular command is requested from the default ODM file:
Router# show format cli show inventory<?xml version='1.0' encoding='utf-8'?><ODMSpec><Command><Name>show inventory</Name></Command><OS>ios</OS><DataModel><Container name="ShowInventory"><Container name="NAME:" alias = "InventoryEntry" dynamic = "true"><Property name="NAME:" alias = "ChassisName" distance = "1" length = "1" end-de><Property name="DESCR:" alias = "Description" distance = "1" length = "-1" type><Property name="PID:" alias="PID" distance = "1" length = "5" end-delimiter = "><Property name="VID:" alias="VID" distance = "1" length = "1" end-delimiter = "><Property name="SN:" alias="SN" distance = "1" length = "1" end-delimiter = ","></Container></Container></DataModel></ODMSpec>The following example shows the output when the spec entry for a particular command is requested from a specific ODM file:
Router# show format slot0:spec3.3.odm cli show ip interface brief<?xml version="1.0" encoding="UTF-8"?><ODMSpec><Command><Name>show ip interface brief</Name></Command><OS>ios</OS><DataModel><Container name="ShowIpInterfaceBrief"><Table name="IPInterfaces"><Header name="Interface" type="String" start="0" end="23"/><Header name="IP-Address" type="IpAddress" start="24" end="41"/><Header name="OK" type="String" start="42" end="46"/><Header name="Method" type="String" start="47" end="53"/><Header name="Status" type="String" start="54" end="75"/><Header name="Protocol" type="String" start="76" end="-1"/></Table></Container></DataModel></ODMSpec>The following example validates the built-in spec file:
Router# show format built-in validateThe file built-in has been validatedThe following example shows the output when a spec file fails to validate:Router# show format disk2:/spec3.4.odm validateThe following problem was detected in disk2:/spec3.4.odm bad format in the spec file, show line valueThe following example shows the output when a specific spec file is validated:Router# show format disk2:/spec3.user1.odm validateThe file disk2:/spec3.user1.odm has been validatedThe following example specifies the spec file named spec3.user2.odm as the default spec file instead of the built-in spec file, replaces the current spec file with it, and ensures that it is validated as the current spec file:
Router(config)# format global disk2:/spec3.user2.odmRouter(config)# exitRouter# spec-file install disk2:/spec3.user2.odm built-inReplace existing file? [yes]: EnterRouter#Router# show format validateThe file disk2:/spec3.user2.odm has been validatedEach display from the show format command is self-explanatory; see the "Usage Guidelines" section for more information.
Related Commands
show ip director default
Note
Effective with Cisco IOS Release 12.4(24)T, the show ip director default command is not available in Cisco IOS software.
To verify default metric configuration information for DistributedDirector metrics, use the show ip director default command in privileged EXEC mode.
show ip director default [priority | weight]
Syntax Description
priority
(Optional) Default priorities for metrics.
weight
(Optional) Displays the weights for metrics.
Command Modes
Privileged EXEC
Command History
Usage Guidelines
Use this command to verify default metric configurations.
Examples
The following is sample output from the show ip director default priority command:
Router# show ip director default priorityDirector default metric priorities:random priority = 2DRP route lookup external to AS priority = 1administrative preference priority = 0DRP route lookup internal to AS priority = 0DRP distance to associated server priority = 0portion priority = 0Round-trip time from DRP to client priority = 0DFP originated weight priority = 0Route-map evaluation priority = 0Related Commands
ip director default priorities
Sets default priorities for DistributedDirector metrics.
show ip director dfp
Note
To display information about the current status of the DistributedDirector connections with a particular Dynamic Feedback Protocol (DFP) agent, use the show ip director dfp command in EXEC mode.
show ip director dfp [host-name | ip-address]
Syntax Description
Command Modes
EXEC
Command History
Examples
The following is sample output from the show ip director dfp command:
Router# show ip director dfp172.24.9.9:Max retries: 5Timeout between connect attempts: 60Timeout between updates: 90Last update received: 00:00:12 agoServer Port BindID Address Mask172.28.9.9 80 0 0.0.0.0 0.0.0.0192.168.25.25Max retries: 5Timeout between connect attempts: 60Timeout between updates: 90Last update received: 00:00:44 agoServer Port BindID Address Mask192.168.30.30 80 0 0.0.0.0 0.0.0.0show ip director drp
Note
To display information that the DistributedDirector has about specific Director Response Protocol (DRP) agents, use the show ip director drp command in privileged EXEC mode.
show ip director drp [host-name | ip-address]
Syntax Description
Command Modes
Privileged EXEC
Command History
12.1(5)T
This command was introduced.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
12.4(24)T
This command was removed.
Usage Guidelines
The show ip director drp command displays host-specific statistics, such as the number of queries received and the number of replies sent for a host.
Examples
The following is sample output from the show ip director drp command:
Router# show ip director drpDRP agent 172.21.34.2:14 requests, 6 replies, 4 requeries, 0 bad repliesSupported Servers:172.21.34.10172.21.34.11DRP agent 192.168.34.2:14 requests, 6 replies, 4 requeries, 0 bad repliesSupported servers:192.168.34.10show ip drp
To display information about the Director Response Protocol (DRP) Server Agent for DistributedDirector, use the show ip drp command in user EXEC or privileged EXEC mode.
show ip drp
Syntax Description
This command has no arguments or keywords.
Command Modes
User EXEC
Privileged EXECCommand History
Examples
The following is sample output from the show ip drp command:
Router# show ip drpDirector Responder Protocol Agent is enabled717 director requests, 712 successful lookups, 5 failures, 0 no routeAuthentication is enabled, using "test" key-chainTable 55 describes the significant fields shown in the display.
Related Commands
show ip drp boomerang
To display the status of various boomerang domains, use the show ip drp boomerang command in privileged EXEC mode.
show ip drp boomerang [domain-name]
Syntax Description
Command Modes
Privileged EXEC
Command History
Usage Guidelines
The show ip drp boomerang command can be used on the boomerang client to display the status of the various boomerang domains. The following information can be shown for each domain:
•
•
–
–
–
–
Examples
The following is sample output from the show ip drp boomerang command:
Router# show ip drp boomerang www.boom1.comDNS packets with unknown domain 0Domain www.boom1.comContent server 172.16.101.101 upOrigin server 0.0.0.0DNS A record requests 0Dropped (server down) 0Dropped (no origen server) 0Security failures 0Alias www.boom2.comDNS A record requests 0Related Commands
show ip http client
To display a report about the HTTP client, use the show ip http client command in user EXEC or privileged EXEC mode.
show ip http client {all | cache | connection | history | secure status | session-module | statistics}
Syntax Description
Command Modes
User EXEC (>)
Privileged EXEC (#)Command History
Usage Guidelines
Use this command to display information about the HTTP client.
Note
Examples
The following is sample output from the show ip http client cache command:
Router# show ip http client cacheHTTP client cache:Maximum Memory size for cache : 100000 bytes (default)Maximum memory per cache entry : 2000 bytes (default)Memory used : 1381 bytesMemory Available : 98619 bytesCache Ager interval : 5 minutes (default)Total entries created : 2Id Type Url Memory-size(Bytes) Refcnt Valid(Sec)__________________________________________________________________________536 Hdr 172.25.125.69/ 673 0 -132 Hdr 172.25.125.7:8888/ 708 0 -1The report is self-explanatory and lists information about the cache.
The following is sample output from the show ip http client connection command:
Router# show ip http client connectionHTTP client current connections:Persistent connection = enabled (default)Connection establishment timeout = 10s (default)Connection idle timeout = 30s (default)Maximum number of connection establishment retries = 1 (default)Maximum http client connections per host : 2HTTP secure client capability: Not presentlocal-ipaddress:port remote-ipaddress:port in-bytes out-bytes:80 172.20.67.174:11012 12584 176Total client connections : 1The report is self-explanatory and lists the active connections and user-configured or default values for the connections.
The following is sample output from the show ip http client history command:
Router# show ip http client historyHTTP client history:GET 03:25:36 UTC Thu Feb 26 2004mailer.cisco.com/mailer.htmlGET 03:25:56 UTC Thu Feb 26 2004mailer.cisco.com/mailer.htmlGET 03:26:10 UTC Thu Feb 26 2004mailer.cisco.com/mailer.htmlThe report is self-explanatory and lists the most recent URLs accessed by the HTTP client.
The following is sample output from the show ip http client secure status command:
Router# show ip http client secure statusHTTP secure client ciphersuite: 3des-ede-cbc-sha des-cbc-sha rc4-128-md5 rc4-12aHTTP secure client trustpoint: TP-1Table 56 describes the significant fields shown in the display.
The following is sample output from the show ip http client session-module command:
Router# show ip http client session-moduleHTTP client application session modules:Id :1Application Name :HTTP CFSVersion :HTTP/1.1Persistent :non-persistentResponse-timeout :0Retries :0Proxy :Id :6Application Name :httpc_ifs_0Version :HTTP/1.1Persistent :non-persistentResponse-timeout :16Retries :0Proxy :Table 57 describes the fields shown in the display.
Related Commands
show ip http client connection
To display a report about HTTP client active connections, use the show ip http client connection command in privileged EXEC mode.
show ip http client connection
Syntax Description
This command has no arguments or keywords.
Command Modes
Privileged EXEC (#)
Command History
Usage Guidelines
Use this command to display active connections and configured values for connections.
Examples
The following is sample output from the show ip http client connection command:
Router# show ip http client connectionHTTP client current connections:Persistent connection = enabled (default)Connection establishment timeout = 10s (default)Connection idle timeout = 30s (default)Maximum number of connection establishment retries = 1 (default)Maximum http client connections per host : 2HTTP secure client capability: Not presentlocal-ipaddress:port remote-ipaddress:port in-bytes out-bytes:80 172.20.67.174:11012 12584 176Total client connections : 1The report is self-explanatory and lists the active connections and user-configured or default values for the connections.
Related Commands
show ip http client cookie
To display the HTTP client cookies, use the show ip http client cookie command in privileged EXEC mode.
show ip http client cookie {brief | summary} [domain cookie-domain | name cookie-name | session session-name]
Syntax Description
Command Modes
Privileged EXEC (#)
Command History
Examples
The following is example output from the show ip http client cookie brief command:
Device# show ip http client cookie briefHTTP client cookies of session HTTP CFS :HTTP client cookies of session CWMP_CLIENT :For expanded output please use 'summary' option for displayName Value Ver Domain Pathcookie8 8 1 172.17.0.2 /cwmp-1-0/cookie7 7 1 172.17.0.2 /cwmp-1-0/cookie3 3 1 172.16.0.2 /cwmp-1-0/cookie2 2 1 172.16.0.2 /cwmp-1-0/cookie1 1 1 172.16.0.2 /cwmp-1-0/HTTP client cookies of session cwmp_test_client :The following is example output from the show ip http client cookie brief domain command:
Device# show ip http client cookie brief domain 172.16.0.2HTTP client cookies of domain 172.16.0.2 :For expanded output please use 'summary' option for displayName Value Ver Domain Pathcookie3 3 1 172.16.0.2 /cwmp-1-0/cookie2 2 1 172.16.0.2 /cwmp-1-0/cookie1 1 1 172.16.0.2 /cwmp-1-0/The following is example output from the show ip http client cookie brief name command:
Device# show ip http client cookie brief name cookie3HTTP client cookies of name cookie3 :For expanded output please use 'summary' option for displayName Value Ver Domain Pathcookie3 3 1 172.16.0.2 /cwmp-1-0/The following is example output from the show ip http client cookie brief session command:
Device# show ip http client cookie brief session CWMP_CLIENTHTTP client cookies of session CWMP_CLIENT :For expanded output please use 'summary' option for displayName Value Ver Domain Pathcookie8 8 1 172.17.0.2 /cwmp-1-0/cookie7 7 1 172.17.0.2 /cwmp-1-0/cookie3 3 1 172.16.0.2 /cwmp-1-0/cookie2 2 1 172.16.0.2 /cwmp-1-0/cookie1 1 1 172.16.0.2 /cwmp-1-0/The following is example output from the show ip http client cookie summary command:
Device# show ip http client cookie summaryHTTP client cookies of session HTTP CFS :HTTP client cookies of session CWMP_CLIENT :Name : cookie8Value : 8Version : 1Domain : 172.17.0.2 (default)Path : /cwmp-1-0/ (default)Secure : noMax-Age : 600Port :Comment :CommentURL :Name : cookie7Value : 7Version : 1Domain : 172.17.0.2 (default)Path : /cwmp-1-0/ (default)Secure : noMax-Age : 600Port :Comment :CommentURL :Name : cookie3Value : 3Version : 1Domain : 172.16.0.2 (default)Path : /cwmp-1-0/ (default)Secure : noMax-Age : 600Port :Comment :CommentURL :Name : cookie2Value : 2Version : 1Domain : 172.16.0.2 (default)Path : /cwmp-1-0/ (default)Secure : noMax-Age : 600Port :Comment :CommentURL :Name : cookie1Value : 1Version : 1Domain : 172.16.0.2 (default)Path : /cwmp-1-0/ (default)Secure : noMax-Age : 600Port :Comment :CommentURL :HTTP client cookies of session cwmp_test_client :The following is example output from the show ip http client cookie summary domain command:
Device# show ip http client cookie summary domain 172.17.0.2HTTP client cookies of domain 172.17.0.2 :Name : cookie8Value : 8Version : 1Domain : 172.17.0.2 (default)Path : /cwmp-1-0/ (default)Secure : noMax-Age : 600Port :Comment :CommentURL :Name : cookie7Value : 7Version : 1Domain : 172.17.0.2 (default)Path : /cwmp-1-0/ (default)Secure : noMax-Age : 600Port :Comment :CommentURL :The following is example output from the show ip http client cookie summary name command:
Device# show ip http client cookie summary name cookie7HTTP client cookies of name cookie7 :Name : cookie7Value : 7Version : 1Domain : 172.17.0.2 (default)Path : /cwmp-1-0/ (default)Secure : noMax-Age : 600Port :Comment :CommentURL :The following is example output from the show ip http client cookie summary session command:
Device# show ip http client cookie summary session CWMP_CLIENTHTTP client cookies of session CWMP_CLIENT :Name : cookie8Value : 8Version : 1Domain : 172.17.0.2 (default)Path : /cwmp-1-0/ (default)Secure : noMax-Age : 600Port :Comment :CommentURL :Name : cookie7Value : 7Version : 1Domain : 172.17.0.2 (default)Path : /cwmp-1-0/ (default)Secure : noMax-Age : 600Port :Comment :CommentURL :Name : cookie3Value : 3Version : 1Domain : 172.16.0.2 (default)Path : /cwmp-1-0/ (default)Secure : noMax-Age : 600Port :Comment :CommentURL :Name : cookie2Value : 2Version : 1Domain : 172.16.0.2 (default)Path : /cwmp-1-0/ (default)Secure : noMax-Age : 600Port :Comment :CommentURL :Name : cookie1Value : 1Version : 1Domain : 172.16.0.2 (default)Path : /cwmp-1-0/ (default)Secure : noMax-Age : 600Port :Comment :CommentURL :show ip http client history
To display up to 20 URLs accessed by the HTTP client, use the show ip http client history command in privileged EXEC mode.
show ip http client history
Syntax Description
This command has no arguments or keywords
Defaults
No default behavior or values
Command Modes
Privileged EXEC (#)
Command History
Usage Guidelines
This command displays a list of up to 20 URLs most recently accessed by the HTTP client.
Examples
The following is sample output from the show ip http client history command:
Router# show ip http client historyHTTP client history:GET 03:25:36 UTC Thu Feb 26 2004mailer.cisco.com/mailer.htmlGET 03:25:56 UTC Thu Feb 26 2004mailer.cisco.com/mailer.htmlGET 03:26:10 UTC Thu Feb 26 2004mailer.cisco.com/mailer.htmlThe report is self-explanatory and lists the most recent URLs accessed by the HTTP client.
Related Commands
show ip http client secure status
To display the status of the secure HTTP client configuration, use the show ip http client secure status command in privileged EXEC mode.
show ip http client secure status
Syntax Description
This command has no arguments or keywords.
Command Default
No default behavior or values.
Command Modes
Privileged EXEC
Command History
Examples
The following is sample output from the show ip http client secure status command:
Router# show ip http client secure statusHTTP secure client ciphersuite: 3des-ede-cbc-sha des-cbc-sha rc4-128-md5 rc4-12aHTTP secure client trustpoint: TP-1Table 58 describes the significant fields shown in the display.
Related Commands
show ip http client session-module
To display a report about sessions or applications that have registered with the HTTP client, use the show ip http client session-module command in privileged EXEC mode.
show ip http client session-module
Syntax Description
This command has no arguments or keywords.
Defaults
No default behavior or values.
Command Modes
Privileged EXEC (#)
Command History
Usage Guidelines
Use this command to display information about applications that have registered with the HTTP client.
Examples
The following is sample output from the show ip http client session-module command:
Router# show ip http client session-moduleHTTP client application session modules:Id :1Application Name :HTTP CFSVersion :HTTP/1.0Persistent :non-persistentResponse-timeout :0Retries :0Proxy :Id :6Application Name :httpc_ifs_0Version :HTTP/1.1Persistent :non-persistentResponse-timeout :16Retries :0Proxy :Table 59 describes the fields shown in the display.
Related Commands
show ip http help-path
To display the current complete configured path of help files for use by the user's current GUI screen, use the show ip http help-path command in user EXEC or privileged EXEC mode.
show ip http help-path
Syntax Description
This command has no arguments or keywords.
Command Modes
User EXEC
Privileged EXEC
Command History
Usage Guidelines
Use this command to display the current complete help path configured in the HTTP server. This path is expected to hold help files relating to the user's current GUI screen.
Examples
The following is sample output from the show ip http help-path command:
Router# show ip http help-pathhttp://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag/ivory/1100Related Commands
show ip http server
To display details about the current configuration of the HTTP server, use the show ip http server command in user EXEC or privileged EXEC mode.
show ip http server {all | status | session-module | connection | statistics | history}
Syntax Description
Command Modes
User EXEC (>)
Privileged EXEC (#)Command History
Usage Guidelines
Use this command to show detailed status information about the HTTP server.
If the HTTP secure server capability is present, the output of the show ip http server all command will also include the information found in the output of the show ip http server secure status command.
Note
Examples
The following is sample output from the show ip http server all command:
Router# show ip http server allHTTP server status: EnabledHTTP server port: 80HTTP server authentication method: enableHTTP server access class: 0HTTP server base path:Maximum number of concurrent server connections allowed: 5Server idle time-out: 30 secondsServer life time-out: 120 secondsMaximum number of requests allowed on a connection: 2HTTP secure server capability: Not PresentHTTP server application session modules:Session module Name Handle DescriptionHomepage_Server 5 IOS Homepage ServerQDM 2 QOS Device Manager ServerHTTP IFS Server 1 HTTP based IOS File ServerQDM SA 3 QOS Device Manager Signed Applet ServerWEB_EXEC 4 HTTP based IOS EXEC ServerXSM 6 XML Session ManagerVDM 7 VPN Device Manager ServerITS 8 IOS Telephony ServiceITS_LOCDIR 9 ITS Local Directory SearchHTTP server current connections:local-ipaddress:port remote-ipaddress:port in-bytes out-bytes172.19.254.37:80 192.168.254.45:33737 70 2294HTTP server statistics:Accepted connections total: 1360HTTP server history:local-ipaddress:port remote-ipaddress:port in-bytes out-bytes end-time172.19.254.37:80 192.168.254.45:63530 60 1596 10:50:00 12/19Table 60 describes the significant fields shown in the display.
The following example shows sample output for the show ip http server status command:
Router# show ip http server statusHTTP server status: DisabledHTTP server port: 80HTTP server authentication method: enableHTTP server access class: 0HTTP server base path:Maximum number of concurrent server connections allowed: 5Server idle time-out: 600 secondsServer life time-out: 600 secondsMaximum number of requests allowed on a connection: 1HTTP secure server capability: PresentHTTP secure server status: DisabledHTTP secure server port: 443HTTP secure server ciphersuite: 3des-ede-cbc-sha des-cbc-sha rc4-128-md5 rc4-12aHTTP secure server client authentication: DisabledHTTP secure server trustpoint:The lines indicating the status of the HTTP secure (HTTPS) server will only be visible if your software image supports the HTTPS server. If your software image does not support SSL, only the following line will be visible:
HTTP secure server capability: Not present
Related Commands
show ip http server secure status
To display the status of the HTTP secure server configuration, use the show ip http server secure status command in privileged EXEC mode.
show ip http server secure status
Syntax Description
This command has no arguments or keywords.
Command Default
No default behavior or values.
Command Modes
Privileged EXEC
Command History
Examples
The following is sample output from the show ip http server secure status command:
Router# show ip http server secure status
HTTP secure server status: Enabled
HTTP secure server port: 1025
HTTP secure server ciphersuite: rc4-128-sha rc4-128-md5
HTTP secure server client authentication: Disabled
HTTP secure server trustpoint: CA-trust-localTable 61 describes the significant fields shown in the display.
Related Commands
show kron schedule
To display the status and schedule information of Command Scheduler occurrences, use the show kron schedule command in user EXEC or privileged EXEC mode.
show kron schedule
Syntax Description
This command has no arguments or keywords.
Command Modes
User EXEC (>)
Privileged EXEC (#)
Command History
Usage Guidelines
Use the show kron schedule command to view all currently configured occurrences and when they are next scheduled to run.
Examples
The following sample output displays each configured policy name and the time interval before the policy is scheduled to run:
Router# show kron scheduleKron Occurrence Scheduleweek inactive, will run again in 7 days 01:02:33may inactive, will run once in 32 days 20:43:31 at 6:30 on Jun 20Table 62 describes the significant fields shown in the display.
Related Commands
show link monitor debug
To display the statistics of an executing process while link monitoring is enabled, use the show link monitor debug command in privileged EXEC mode.
show link monitor debug
Syntax Description
This command has no arguments or keywords.
Command Modes
Privileged EXEC (#)
Command History
Usage Guidelines
Use this command for debugging various conditions occurring during the monitoring process.
Examples
The following example shows output of the show link monitor debug command:
Router# show link monitor debugLink Monitor Error StatisticsCONF STRUCTURE FOUND NULL...............0CONF STRUCTURE MALLOC FAIL..............0IPC SENT TOTAL..........................25IPC RECV TOTAL..........................3CCB CMD SENT TOTAL......................94LOVE LETTER RECV TOTAL..................1IPC SEND FAILURE........................1IPC RECV FAILURE........................0CCB CMD SEND FAILURE....................0LOVE LETTER RECV FAILURE................0CONFIG RESEND TO LC FAIL................0CHUNK ELEMENT FREE FAIL.................0CHUNK ELEMENT MALLOC FAIL...............0ELEMENTS IN TRAP QUEUE..................0TRAP FAIL ENQUEUE.......................0WATCHED QUEUE CREATEDCHUNK CREATEDThe route/switch processor (RSP) and versatile interface processors (VIPs) communicate via Inter-Process Communication (IPC) messages.
The RSP sends messages to the fast serial interface processor (FSIP) via command control block (CCB) commands.
The FSIP sends messages to the RSP via Loveletter messages.
Table 63 describes the significant fields shown in the display.
show logging
To display the state of system logging (syslog) and the contents of the standard system logging buffer, use the show logging command in privileged EXEC mode.
show logging [slot slot-number | summary]
Syntax Description
Command Modes
Privileged EXEC (#)
Command History
Usage Guidelines
This command runs on the privileged EXEC mode. To enter the privileged EXEC mode, type enable in the user EXEC mode and press Enter. Provide a password, if prompted.
This command displays the state of syslog error and event logging, including host addresses, and which logging destinations (console, monitor, buffer, or host) logging is enabled. This command also displays Simple Network Management Protocol (SNMP) logging configuration parameters and protocol activity.
This command will also display the contents of the standard system logging buffer, if logging to the buffer is enabled. Logging to the buffer is enabled or disabled using the [no] logging buffered command. The number of system error and debugging messages in the system logging buffer is determined by the configured size of the syslog buffer. This size of the syslog buffer is also set using the logging buffered command.
To enable and set the format for syslog message time stamping, use the service timestamps log command.
If debugging is enabled (using any debug command), and the logging buffer is configured to include level 7 (debugging) messages, debug output will be included in the system log. Debugging output is not formatted like system error messages and will not be preceded by the percent symbol (%).
Examples
The following is sample output from the show logging command on a software image that supports the Embedded Syslog Manager (ESM) feature:
Router> enableRouter# show loggingSyslog logging: enabled (10 messages dropped, 5 messages rate-limited,0 flushes, 0 overruns, xml disabled, filtering disabled)Console logging: level debugging, 31 messages logged, xml disabled,filtering disabledMonitor logging: disabledBuffer logging: level errors, 36 messages logged, xml disabled,filtering disabledLogging Exception size (8192 bytes)Count and timestamp logging messages: disabledNo active filter modules.Trap logging: level informational, 45 message lines loggedLog Buffer (8192 bytes):The following example shows output from the show logging command after a message discriminator has been configured. Included in this example is the command to configure the message discriminator.
Router(config)# logging discriminator ATTFLTR1 severity includes 1,2,5 rate-limit 100Specified MD by the name ATTFLTR1 is not found.Adding new MD instance with specified MD attribute values.Router(config)# endRouter#000036: *Oct 20 16:26:04.570: %SYS-5-CONFIG_I: Configured from console by consoleRouter> enableRouter# show loggingSyslog logging: enabled (11 messages dropped, 0 messages rate-limited,0 flushes, 0 overruns, xml disabled, filtering disabled)No Active Message Discriminator.Inactive Message Discriminator:ATTFLTR1 severity group includes 1,2,5rate-limit not to exceed 100 messages per secondConsole logging: level debugging, 25 messages logged, xml disabled, filtering disabledMonitor logging: level debugging, 0 messages logged, xml disabled, filtering disabledBuffer logging: level debugging, 25 messages logged, xml disabled, filtering disabledLogging Exception size (8192 bytes)Count and timestamp logging messages: disabledNo active filter modules.Trap logging: level debugging, 28 message lines loggedLogging to 172.25.126.15 (udp port 1300, audit disabled, authentication disabled, encryption disabled, link up),28 message lines logged,0 message lines rate-limited,0 message lines dropped-by-MD,xml disabled, sequence number disabledfiltering disabledLogging to 172.25.126.15 (tcp port 1307, audit disabled, authentication disabled, encryption disabled, link up),28 message lines logged,0 message lines rate-limited,0 message lines dropped-by-MD,xml disabled, sequence number disabled, filtering disabledLogging to 172.20.1.1 (udp port 514, audit disabled,authentication disabled, encryption disabled, link up),28 message lines logged,0 message lines rate-limited,0 message lines dropped-by-MD,xml disabled, sequence number disabledfiltering disabledLog Buffer (1000000 bytes):Table 64 describes the significant fields shown in the output for the two preceding examples.
The following example shows that syslog messages from the system buffer are included, with time stamps. In this example, the software image does not support XML formatting or ESM filtering of syslog messages.
Router> enableRouter# show loggingSyslog logging:enabled (2 messages dropped, 0 flushes, 0 overruns)Console logging:disabledMonitor logging:level debugging, 0 messages loggedBuffer logging:level debugging, 4104 messages loggedTrap logging:level debugging, 4119 message lines loggedLogging to 192.168.111.14, 4119 message lines loggedLog Buffer (262144 bytes):Jul 11 12:17:49 EDT:%BGP-4-MAXPFX:No. of prefix received from 209.165.200.225 (afi 0) reaches 24, max 24! THE FOLLOWING LINE IS A DEBUG MESSAGE FROM NTP.! NOTE THAT IT IS NOT PRECEEDED BY THE % SYMBOL.Jul 11 12:17:48 EDT: NTP: Maxslew = 213866Jul 11 15:15:41 EDT:%SYS-5-CONFIG:Configured from tftp://host.com/addc5505-rsm.nyiix.Jul 11 15:30:28 EDT:%BGP-5-ADJCHANGE:neighbor 209.165.200.226 Up.Jul 11 15:31:34 EDT:%BGP-3-MAXPFXEXCEED:No. of prefix received from209.165.200.226 (afi 0):16444 exceed limit 375.Jul 11 15:31:34 EDT:%BGP-5-ADJCHANGE:neighbor 209.165.200.226 Down BGPNotification sent.Jul 11 15:31:34 EDT:%BGP-3-NOTIFICATION:sent to neighbor 209.165.200.226 3/1 (update malformed) 0 bytes...The software clock keeps an "authoritative" flag that indicates whether the time is authoritative (believed to be accurate). If the software clock has been set by a timing source (for example, via NTP), the flag is set. If the time is not authoritative, it will be used only for display purposes. Until the clock is authoritative and the "authoritative" flag is set, the flag prevents peers from synchronizing to the software clock.
Table 65 describes the symbols that precede the time stamp.
The following is sample output from the show logging summary command for a Cisco 12012 router. A number in the column indicates that the syslog contains that many messages for the line card. For example, the line card in slot 9 has 1 error message, 4 warning messages, and 47 notification messages.
Note
Router> enableRouter# show logging summary+-----+-------+-------+-------+-------+-------+-------+-------+-------+SLOT | EMERG | ALERT | CRIT | ERROR |WARNING| NOTICE| INFO | DEBUG |+-----+-------+-------+-------+-------+-------+-------+-------+-------+|* 0* | . | . | . | . | . | . | . | . || 1 | | | | | | | | || 2 | | | | 1 | 4 | 45 | | || 3 | | | | | | | | || 4 | | | | 5 | 4 | 54 | | || 5 | | | | | | | | || 6 | | | | | | | | || 7 | | | | 17 | 4 | 48 | | || 8 | | | | | | | | || 9 | | | | 1 | 4 | 47 | | || 10 | | | | | | | | || 11 | | | | 12 | 4 | 65 | | |+-----+-------+-------+-------+-------+-------+-------+-------+-------+Table 66 describes the logging level fields shown in the display.
Related Commands
show logging onboard (Cat 6K)
To display onboard failure logs (OBFL) on Cisco Catalyst 6000 series switches, use the show logging onboard command in privileged EXEC mode.
show logging onboard module slot-number [environment | interrupt | message | temperature | uptime] [continuous | detail | raw | summary] [start start-time-and-date] [end end-time-and-date] [status]
Syntax Description
Command Modes
Privileged EXEC (#)
Command History
Usage Guidelines
The show logging onboard command can be entered without any keywords, which is the same as entering the show logging onboard summary command to display summarized information about OBFL for the device residing on the same module where the command is entered.
Use this command to view OBFL data from system hardware. The OBFL feature is enabled by default and records operating temperatures, hardware uptime, interrupts, and other important events and messages that can assist with diagnosing problems with hardware cards (or modules) installed in a Cisco router or switch. Data is logged to files stored in nonvolatile memory. When the onboard hardware is started up, a first record is made for each area monitored and becomes a base value for subsequent records.
The OBFL feature provides a circular updating scheme for collecting continuous records and archiving older (historical) records, ensuring accurate data about the system. Data is recorded in one of two formats: continuous information that displays a snapshot of measurements and samples in a continuous file, and summary information that provides details about the data being collected. The message "No historical data to display" is seen when historical data is not available.
See the examples for more information about the type of data collected.
Examples
Temperature
Temperatures surrounding hardware modules can exceed recommended safe operating ranges and cause system problems such as packet drops. Higher than recommended operating temperatures can also accelerate component degradation and affect device reliability. Monitoring temperatures is important for maintaining environmental control and system reliability. Once a temperature sample is logged, the sample becomes the base value for the next record. From that point on, temperatures are recorded either when there are changes from the previous record or if the maximum storage time is exceeded. Temperatures are measured and recorded in degrees Celsius.
The following example shows how you might enter this command:
Router# show logging onboard module 2 temperature detail--------------------------------------------------------------------------------TEMPERATURE SUMMARY INFORMATION--------------------------------------------------------------------------------Number of sensors : 12Sampling frequency : 5 minutesMaximum time of storage : 120 minutes--------------------------------------------------------------------------------Sensor | ID | Maximum Temperature 0C--------------------------------------------------------------------------------MB-Out 980201 43MB-In 980202 28MB 980203 29MB 980204 38EARL-Out 910201 0EARL-In 910202 0SSA 1 980301 38SSA 2 980302 36JANUS 1 980303 36JANUS 2 980304 35GEMINI 1 980305 0GEMINI 2 980306 0---------------------------------------------------------------Temp Sensor ID0C 1 2 3 4 5 6 7 8 9 10 11 12---------------------------------------------------------------No historical data to display-----------------------------------------------------------------------------------------------------------------------------------------------TEMPERATURE CONTINUOUS INFORMATION--------------------------------------------------------------------------------Sensor | ID |--------------------------------------------------------------------------------MB-Out 980201MB-In 980202MB 980203MB 980204EARL-Out 910201EARL-In 910202SSA 1 980301SSA 2 980302JANUS 1 980303JANUS 2 980304GEMINI 1 980305GEMINI 2 980306-------------------------------------------------------------------------------Time Stamp |Sensor Temperature 0CMM/DD/YYYY HH:MM:SS | 1 2 3 4 5 6 7 8 9 10 11 12-------------------------------------------------------------------------------03/06/2007 22:32:51 31 26 27 27 NA NA 33 32 30 29 NA NA03/06/2007 22:37:51 43 28 29 38 NA NA 38 36 36 35 NA NA-------------------------------------------------------------------------------Table 67 describes the significant fields shown in the display.
Operational Uptime
The operational uptime tracking begins when the module is powered on, and information is retained for the life of the module.
The following example shows how you might enter this command:
Router# show logging onboard module 2 uptime detail--------------------------------------------------------------------------------UPTIME SUMMARY INFORMATION--------------------------------------------------------------------------------First customer power on : 03/06/2007 22:32:51Total uptime : 0 years 0 weeks 2 days 18 hours 10 minutesTotal downtime : 0 years 0 weeks 0 days 8 hours 7 minutesNumber of resets : 130Number of slot changes : 16Current reset reason : 0xA1Current reset timestamp : 03/07/2007 13:29:07Current slot : 2Current uptime : 0 years 0 weeks 1 days 7 hours 0 minutes--------------------------------------------------------------------------------Reset | |Reason | Count |--------------------------------------------------------------------------------0x5 640x6 620xA1 4----------------------------------------------------------------------------------------------------------------------------------------------------------------UPTIME CONTINUOUS INFORMATION--------------------------------------------------------------------------------Time Stamp | Reset | UptimeMM/DD/YYYY HH:MM:SS | Reason | years weeks days hours minutes--------------------------------------------------------------------------------03/06/2007 22:32:51 0xA1 0 0 0 0 0--------------------------------------------------------------------------------The operational uptime application tracks the following events:
•
•
•
•
•
•
•
•
•
Interrupts
Interrupts are generated by system components that require attention from the CPU, such as ASICs and NMIs. Interrupts are generally related to hardware limit conditions or errors that need to be corrected.
The continuous format records each time a component is interrupted, and this record is stored and used as base information for subsequent records. Each time the list is saved, a timestamp is added. Time differences from the previous interrupt are counted, so that technical personnel can gain a complete record of the component's operational history when an error occurs.
The following example shows how you might enter this command:
Router# show logging onboard module 2 interrupt detail--------------------------------------------------------------------------------INTERRUPT SUMMARY INFORMATION--------------------------------------------------------------------------------Name | ID | Offset | Bit | Count--------------------------------------------------------------------------------No historical data to display----------------------------------------------------------------------------------------------------------------------------------------------------------------CONTINUOUS INTERRUPT INFORMATION--------------------------------------------------------------------------------MM/DD/YYYY HH:MM:SS mmm | Name | ID | Offset | Bit--------------------------------------------------------------------------------03/06/2007 22:33:06 450 Port-ASIC #2 9 0x00E7 6--------------------------------------------------------------------------------Table 69 describes the significant fields shown in the display.
Message Logging
The OBFL feature logs standard system messages. Instead of displaying the message to a terminal, the message is written to and stored in a file, so the message can be accessed and read at a later time. System messages range from level 1 alerts to level 7 debug messages, and these levels can be specified in the hw module logging onboard command.
The following example shows how you might enter this command:
Router# show logging onboard module 2 message detail--------------------------------------------------------------------------------ERROR MESSAGE SUMMARY INFORMATION--------------------------------------------------------------------------------Facility-Sev-Name | Count | Persistence FlagMM/DD/YYYY HH:MM:SS--------------------------------------------------------------------------------No historical data to display----------------------------------------------------------------------------------------------------------------------------------------------------------------ERROR MESSAGE CONTINUOUS INFORMATION--------------------------------------------------------------------------------MM/DD/YYYY HH:MM:SS Facility-Sev-Name--------------------------------------------------------------------------------03/06/2007 22:33:35 %GOLD_OBFL-3-GOLD : Diagnostic OBFL: Diagnostic OBFL testingTable 70 describes the significant fields shown in the display.
Table 70 Error Message Summary Information
A timestamp
Shows the date and time the message was logged.
Facility-Sev-Name
A coded naming scheme for a system message, as follows:
•
•
•
Error message
Follows the Facility-Sev-Name codes. For more information about system messages, see the Cisco IOS System and Error Messages guide.
Count
Indicates the number of instances of this message that is allowed in the history file. Once that number of instances has been recorded, the oldest instance will be removed from the history file to make room for new ones.
Persistence Flag
Gives a message priority over others that do not have the flag set.
Related Commands
show logging persistent
To display the contents of the logging persistent files, use the show logging persistent command in privileged EXEC mode.
show logging persistent [url filesystem:location] [selector-url filesystem:filename]
Syntax Description
Command Modes
Privileged EXEC (#)
Command History
Usage Guidelines
To display the contents of the logging persistent files based on specific parameters in the syslog messages, you need to conduct a search on the syslog messages. In order to reduce the data input complexity, the show logging persistent command calls for a URL of a search parameters file, which contains a collection of search and sorting rules.
The search parameters file comprise three sections: search templates, search patterns, and sorting rules. These sections are described in the following text.
Search Templates
Search templates are constructed by using logical expressions and value rules. Value rules are methods of locating the beginning and ending of the object's value. The search templates along with value rules are used to locate objects in the syslog messages and to extract the objects' value.
Table 71 provides the definition of value rules for a list of search objects that can be used to construct search templates.
Syntax for Search Templates
Search templates for all types of objects are strings enclosed in quotes ("..."). If you provide multiple search templates on the same line, a search is performed for each of the search template in the left-to-right order (by using the logical operation OR).
You can provide arbitrary search templates for all object types except the following: AUDIT_RECORD_DATE, AUDIT_RECORD_TIME, RULE_IDENTITY, and RULE_IDENTITY_PLATFORM.
Search templates of the AUDIT_RECORD_DATE, AUDIT_RECORD_TIME, RULE_IDENTITY, and RULE_IDENTITY_PLATFORM, objects are hard coded because the location and the format of these objects in the Cisco IOS syslog messages are fixed.
The general syntax for the search template is:
<object_id>:<logical-expression>For example, the following syntax searches for user:, username, or user in the sylog messages and equates it to USER_ID.
USER_ID: "user:" "username" "user"Search Patterns
A search pattern is a regular expression (regexp) for selecting a subset of objects of a given type or a range of values.
Syntax for Search Patterns
Table 72 lists the syntax for search patterns of various types of objects:
Sorting Rules
The sorting rules instruct how to sort the selected subset. The sorting rule is specified as a search object ID followed by a sort-order specifier, which is either ASCENDING or DESCENDING.
Syntax for Sorting Rules
The general syntax for the sorting rules is:
<object_id>: ASCENDING | DESCENDINGFor example, the following syntax sorts the user IDs in an ascending order:
USER_ID: ASCENDINGSearch Parameters File
The search parameters file contains a search template, search patterns, and sorting rules. Each section of a search parameters file begins with a header and ends with footer. The general syntax for the search parameters file is as follows:
<SEARCH TEMPLATES>... search-templates here...</SEARCH TEMPLATES><SEARCH PATTERNS>...search-patterns here...</SEARCH PATTERNS><SORT RULES>... sort-rules here...</END SORT RULES>Search Parameters File: Example
The following example shows how to construct search parameters for finding all audit records sorted by the user, between 9/17/2009 and 9/21/2009, captured between 1:00 a.m. and 4:00 a.m. on those dates, which belong to usernames testuser1 or testuser2, and are attempts to initiate a telnet or console connection.
The following syslog messages appear in the output:
*Sep 19 02:46:02.173: %SEC_LOGIN-5-LOGIN_SUCCESS: Login Success [user: testuser1] [Source: 172.27.53.101] [localport: 22] at 02:46:02 UTC Wed Sep 19 2001
*Sep 19 02:46:51.359: %SEC_LOGIN-4-LOGIN_FAILED: Login failed [user: testuser1] [Source: 172.27.53.101] [localport: 22] [Reason: Login Authentication Failed] at 02:46:51 UTC Wed Sep 19 2001
*Sep 19 03:26:28.721: %SEC_LOGIN-5-LOGIN_SUCCESS: Login Success [user: testuser2] [Source: 0.0.0.0] [localport: 0] at 03:26:28 UTC Wed Sep 19 2001
The search parameters file for this example is constructed as follows:
<SEARCH TEMPLATES>USER_ID: "user:"SUBJECT_SERVICE_ID: "localport:"</SEARCH TEMPLATES><SEARCH PATTERNS>RULE_IDENTITY: "SEC_LOGIN\-5\-LOGIN_SUCCESS" "SEC_LOGIN\-4\-LOGIN_FAILED"USER_ID: "Alice|Bob"SUBJECT_SERVICE_ID: "0|22"AUDIT_RECORD_DATE: 2009-09-17:2009-09-21AUDIT_RECORD_TIME: 01:00:00 - 03:59:59</SEARCH PATTERNS><SORT RULES>USER_ID: ASCENDING</SORT RULES>The url filesystem:location keyword and argument combination specifies the audit folder location. If you do not specify these attributes, a default audit folder location is used. The default audit folder location is defined using the logging persistent command.
If you do not specify the selector-url filesystem:filename keyword and argument combination, the viewer displays log files in a chronological order.
Examples
The following is sample output from the show logging persistent command:
Router# show logging persistent000070: *Feb 17 01:22:24.147: %PARSER-6-EXPOSEDLOCKACQUIRED: Exclusive configuration lock acquired by user 'test' from terminal '0' -Process= "Exec", ipl= 0, pid= 3000071: *Feb 17 01:22:24.979: %SYS-5-CONFIG_I: Configured from console by ena on console000072: *Feb 17 01:22:24.979: %PARSER-6-EXPOSEDLOCKRELEASED: Exclusive configuration lock released from terminal '0' -Process= "Exec", ipl= 0, pid= 3000073: *Feb 17 02:45:17.201: %PARSER-6-EXPOSEDLOCKACQUIRED: Exclusive configuration lock acquired by user 'test' from terminal '0' -Process= "Exec", ipl= 0, pid= 3Router#000074: *Feb 18 05:49:19.443: %SYS-6-SHOW_LOGGING_PERSISTENT: User test has activated the show logging persistent command.The following example shows how to specify the location of the search parameters file "filter_rule_id" from bootflash. The syslog messages are sorted using the search parameters specified in the "filter_rule_id" file and the contents are displayed in the output. In this case, the search parameters specify the system to search for audit records sorted by the "testu1" user for the date 08/31/09.
Router# show logging persistent selector-url bootflash:filter_rule_id_pl*Aug 31 19:35:37.540: %SEC_LOGIN-5-LOGIN_SUCCESS: Login Success [user: testu1] [Source: 0.0.0.0] [localport: 0] at 19:35:37 UTC Fri Aug 31 2009*Aug 31 19:35:54.385: %PARSER-6-EXPOSEDLOCKACQUIRED: Exclusive configuration lock acquired by user 'testu1' from terminal '0' -Process= "Exec", ipl= 0, pid= 96 (note: includes space and apostrophe)The following example shows how to display syslog messages from an audit folder location:
Router# show logging persistent url bootflash:test_location000070: *Feb 17 01:22:24.147: %PARSER-6-EXPOSEDLOCKACQUIRED: Exclusive configuration lock acquired by user 'test' from terminal '0' -Process= "Exec", ipl= 0, pid= 3000071: *Feb 17 01:22:24.979: %SYS-5-CONFIG_I: Configured from console by test onconsoleRouter#000074: *Feb 18 05:49:19.443: %SYS-6-SHOW_LOGGING_PERSISTENT: User test has activated the show logging persistent command.Related Commands
clear logging
Clears messages from the logging buffer.
logging persistent
Enables the storage of logging messages on the router's ATA disk.
show management event
To display the Simple Network Management Protocol (SNMP) Event values that have been configured on your routing device through the use of the Event MIB, use the show management event command in privileged EXEC mode.
show management event
Syntax Description
This command has no arguments or keywords.
Command Modes
Privileged EXEC (#)
Command History
Usage Guidelines
The Event MIB allows you to configure your own traps, informs, or set operations through the use of an external network management application. The show management event command is used to display the values for the Events configured on your system. For information on Event MIB functionality, see RFC 2981, available at http://www.ietf.org.
Examples
The following example is sample output from the show management event command:
Router# show management eventMgmt Triggers:(1): Owner: joe_user(1): 01, Comment: TestEvent, Sample: Abs, Freq: 120Test: Existence Threshold BooleanObjectOwner: aseem, Object: sethiOID: ifEntry.10.3, Enabled 1, Row Status 1Existence Entry: , Absent, ChangedStartUp: Present, AbsentObjOwn: , Obj: , EveOwn: aseem, Eve: 09Boolean Entry:Value: 10, Cmp: 1, Start: 1ObjOwn: , Obj: , EveOwn: aseem, Eve: 09Threshold Entry:Rising: 50000, Falling: 20000ObjOwn: ase, Obj: 01 RisEveOwn: ase, RisEve: 09 , FallEveOwn: ase, FallEve: 09Delta Value Table:(0): Thresh: Rising, Exis: 1, Read: 0, OID: ifEntry.10.3 , val: 69356097Mgmt Events:(1): Owner: aseem(1)Name: 09 , Comment: , Action: Set, Notify, Enabled: 1 Status: 1Notification Entry:ObjOwn: , Obj: , OID: ifEntry.10.1Set:OID: ciscoSyslogMIB.1.2.1.0, SetValue: 199, Wildcard: 2 TAG: , ContextName:Object Table:(1): Owner: aseem(1)Name: sethi, Index: 1, OID: ifEntry.10.1, Wild: 1, Status: 1Related Commands
debug management event
Allows real-time monitoring of Event MIB activities for the purposes of debugging.
show management expression
To display the Simple Network Management Protocol (SNMP) Expression values that have been configured on your routing device through the use of the Expression MIB, use the show management expression command in user EXEC or privileged EXEC mode.
show management expression
Syntax Description
This command has no arguments or keywords.
Command Modes
User EXEC
Privileged EXEC (#)Command History
Examples
The following is sample output from the show management expression command:
Router# show management expressionExpression: 1 is activeExpression Owner: meExpression Name: meExpression to be evaluated is $1 + 100 where:$1 = ifDescrObject Condition is not setSample Type is absoluteObjectID is wildcardedThe output is self-explanatory.
Related Commands
debug management expression
Monitors the activities of the Expression MIB in real time on your routing device.
show mdf
To display loaded preconfigured Embedded Menu Manager (EMM) Menu Definition Files (MDFs), use the show mdf command in user EXEC or privileged EXEC mode.
show mdf
Syntax Description
This command has no arguments or keywords.
Command Modes
User EXEC (#)
Privileged EXEC (#)Command History
Examples
The following is sample output from the show mdf command when a preconfigured MDF has been loaded on the router:
Router# show mdfMenu Name / URL:BGP / disk0:bgp.mdfThe following is sample output from the show mdf command when no MDFs exist on the router:
Router# show mdfNo menus configured!Related Commands
debug emm
Debugs MDFs.
emm
Loads and launches preconfigured MDFs or launches loaded preconfigured EMM menus.
show memory
To display statistics about memory when Cisco IOS software or Cisco IOS Software Modularity images are running, use the show memory command in user EXEC or privileged EXEC mode.
Cisco IOS software
show memory [memory-type] [free] [overflow] [summary] [poisoning]
Cisco IOS Software Modularity
show memory
Syntax Description
Command Modes
User EXEC (>)
Privileged EXEC (#)Command History
Usage Guidelines
Cisco IOS Software
The show memory command displays information about memory available after the system image decompresses and loads.
Cisco IOS Software Modularity
No optional keywords or arguments are supported for the show memory command when a Cisco IOS Software Modularity image is running. To display details about POSIX and Cisco IOS style system memory information when Software Modularity images are running, use the show memory detailed command.
Examples
Example output varies between Cisco IOS software images and Cisco IOS Software Modularity software images. To view the appropriate output, see the following sections:
•
Cisco IOS Software
The following is sample output from the show memory command:
Router# show memoryHead Total(b) Used(b) Free(b) Lowest(b) Largest(b)Processor B0EE38 5181896 2210036 2971860 2692456 2845368Processor memoryAddress Bytes Prev. Next Ref PrevF NextF Alloc PC WhatB0EE38 1056 0 B0F280 1 18F132 List ElementsB0F280 2656 B0EE38 B0FD08 1 18F132 List HeadersB0FD08 2520 B0F280 B10708 1 141384 TTY dataB10708 2000 B0FD08 B10F00 1 14353C TTY Input BufB10F00 512 B10708 B11128 1 14356C TTY Output BufB11128 2000 B10F00 B11920 1 1A110E Interrupt StackB11920 44 B11128 B11974 1 970DE8 *Init*B11974 1056 B11920 B11DBC 1 18F132 messagesB11DBC 84 B11974 B11E38 1 19ABCE Watched BooleanB11E38 84 B11DBC B11EB4 1 19ABCE Watched BooleanB11EB4 84 B11E38 B11F30 1 19ABCE Watched BooleanB11F30 84 B11EB4 B11FAC 1 19ABCE Watched BooleanThe following is sample output from the show memory free command:
Router# show memory freeHead Total(b) Used(b) Free(b) Lowest(b) Largest(b)Processor B0EE38 5181896 2210076 2971820 2692456 2845368Processor memoryAddress Bytes Prev. Next Ref PrevF NextF Alloc PC What24 Free list 1CEB844 32 CEB7A4 CEB88C 0 0 0 96B894 SSE Manager52 Free list 272 Free list 376 Free list 480 Free list 5D35ED4 80 D35E30 D35F4C 0 0 D27AE8 96B894 SSE ManagerD27AE8 80 D27A48 D27B60 0 D35ED4 0 22585E SSE Manager88 Free list 6100 Free list 7D0A8F4 100 D0A8B0 D0A980 0 0 0 2258DA SSE Manager104 Free list 8B59EF0 108 B59E8C B59F84 0 0 0 2258DA (fragment)The output of the show memory free command contains the same types of information as the show memory output, except that only free memory is displayed, and the information is ordered by free list.
The first section of the display includes summary statistics about the activities of the system memory allocator.
Table 73 describes the significant fields shown in the first section of the display.
The second section of the display is a block-by-block listing of memory use. Table 74 describes the significant fields shown in the second section of the display.
The show memory io command displays the free I/O memory blocks. On the Cisco 4000 router, this command quickly shows how much unused I/O memory is available.
The following is sample output from the show memory io command:
Router# show memory ioAddress Bytes Prev. Next Ref PrevF NextF Alloc PC What6132DA0 59264 6132664 6141520 0 0 600DDEC 3FCF0 *Packet Buffer*600DDEC 500 600DA4C 600DFE0 0 6132DA0 600FE68 0600FE68 376 600FAC8 600FFE0 0 600DDEC 6011D54 06011D54 652 60119B4 6011FEO 0 600FE68 6013D54 0614FCA0 832 614F564 614FFE0 0 601FD54 6177640 06177640 2657056 6172E90 0 0 614FCA0 0 0Total: 2723244The following sample output displays details of a memory block overflow correction when the exception memory ignore overflow global configuration command is configured:
Router# show memory overflowCount Buffer Count Last corrected Crashinfo files1 1 00:11:17 slot0:crashinfo_20030620-075755Traceback 607D526C 608731A0 607172F8 607288E0 607A5688 607A566CThe report includes the amount of time since the last correction was made and the name of the file that logged the memory block overflow details.
The show memory sram command displays the free SRAM memory blocks. For the Cisco 4000 router, this command supports the high-speed static RAM memory pool to make it easier for you to debug or diagnose problems with allocation or freeing of such memory.
The following is sample output from the show memory sram command:
Router# show memory sramAddress Bytes Prev. Next Ref PrevF NextF Alloc PC What7AE0 38178 72F0 0 0 0 0 0Total 38178The following sample output from the show memory command used on the Cisco 4000 router includes information about SRAM memory and I/O memory:
Router# show memoryHead Total(b) Used(b) Free(b) Lowest(b) Largest(b)Processor 49C724 28719324 1510864 27208460 26511644 15513908I/O 6000000 4194304 1297088 2897216 2869248 2896812SRAM 1000 65536 63400 2136 2136 2136Address Bytes Prev. Next Ref PrevF NextF Alloc PC What1000 2032 0 17F0 1 3E73E *Init*17F0 2032 1000 1FE0 1 3E73E *Init*1FE0 544 17F0 2200 1 3276A *Init*2200 52 1FE0 2234 1 31D68 *Init*2234 52 2200 2268 1 31DAA *Init*2268 52 2234 229C 1 31DF2 *Init*72F0 2032 6E5C 7AE0 1 3E73E Init7AE0 38178 72F0 0 0 0 0 0The show memory summary command displays a summary of all memory pools and memory usage per Alloc PC (address of the system call that allocated the block).
The following is a partial sample output from the show memory summary command. This output shows the size, blocks, and bytes allocated. Bytes equal the size multiplied by the blocks. For a description of the other fields, see Table 73 and Table 74.
Router# show memory summaryHead Total(b) Used(b) Free(b) Lowest(b) Largest(b)Processor B0EE38 5181896 2210216 2971680 2692456 2845368Processor memoryAlloc PC Size Blocks Bytes What0x2AB2 192 1 192 IDB: Serial Info0x70EC 92 2 184 Init0xC916 128 50 6400 RIF Cache0x76ADE 4500 1 4500 XDI data0x76E84 4464 1 4464 XDI data0x76EAC 692 1 692 XDI data0x77764 408 1 408 Init0x77776 116 1 116 Init0x777A2 408 1 408 Init0x777B2 116 1 116 Init0xA4600 24 3 72 List0xD9B5C 52 1 52 SSE Manager...0x0 0 3413 2072576 Pool Summary0x0 0 28 2971680 Pool Summary (Free Blocks)0x0 40 3441 137640 Pool Summary (All Block Headers)0x0 0 3413 2072576 Memory Summary0x0 0 28 2971680 Memory Summary (Free Blocks)Cisco IOS Software Modularity
The following is sample output from the show memory command when a Cisco IOS Software Modularity image is running.
Router# show memorySystem Memory: 262144K total, 116148K used, 145996K free 4000K kernel reservedTable 75 describes the significant fields shown in the display.
Related Commands
show memory io
To display the status of the I/O memory, which is used for packet data, use the show memory io command in user EXEC or privileged EXEC mode.
show memory io [allocating-process [totals] | dead [totals] | fragment [detail] | free [totals] | statistics [history [table]]]
Syntax Description
Command Modes
User EXEC (>)
Privileged EXEC (#)Command History
Usage Guidelines
The show memory io command displays information about I/O memory available after the system image decompresses and loads.
Examples
The following is sample output from the show memory io fragment command:
Router# show memory io fragmentI/O memoryAllocator PC Summary for allocated blocks in pool: I/OPC Total Count Name0x60240EE4 2248640 35 FastEthernet0/0x60395178 12480 3 FastEthernet0/00x603950EC 4224 2 FastEthernet0/00x6020F588 960 3 *Packet Data*0x6056B21C 576 1 InitAllocator PC Summary for free blocks in pool: I/OPC Total Count Name0x6020F588 29854096 3 (fragment)0x00000000 35632 1 (coalesced)0x632A3DE8 3072 16 (fragment)0x60395178 384 2 (fragment)0x6056B21C 256 1 (fragment)Free memory size : 29892244 Number of free blocks: 23Table 76 describes the significant fields shown in the display.
Related Commands
show monitor capture
To display the contents of a capture buffer or a capture point, use the show monitor capture command in privileged EXEC mode.
show monitor capture {buffer {capture-buffer-name [parameters] | all parameters | merged capture-buffer-name1 capture-buffer-name2}[dump] [filter filter-parameters]} | point {all | capture-point-name}}
Catalyst 6500 Series and Cisco 7600 Series
show monitor capture [buffer [start-index [end-index]] [brief [acl {acl-list | exp-acl-list}] | detail] [dump[nowrap dump-length] [acl {acl-list | exp-acl-list}] | status]
Syntax Description
Command Modes
Privileged EXEC (#)
Command History
Usage Guidelines
Note
If you are using Cisco 6500 series routers or Cisco 7600 series, refer to the following usage guidelines:
You can enter the show monitor capture command when the capture buffer is not in the running state. You can enter the show monitor capture status command even when the capture is enabled to see how many packets are captured.
If you enter the show monitor capture command without any keywords or arguments, the output displays the configurations. If you enter the dump nowrap keywords, one hexadecimal line is printed per packet. Up to 72 characters of packet bytes is dumped.
If you enter the dump nowrap dump-length keywords and argument value, the specified length of bytes per line is dumped. If you enter the brief keyword, only the src ip, dest ip, src port, dest port, and protocol fields are displayed along with the packet length and item number.
If you enter the detail keyword, packets are decoded to the layer 4 protocol level and displayed. If you enter the dump keyword, non-IP packets are displayed in hexadecimal dump format. An ACL can be configured as a display filter so that only packets permitted by the ACL are displayed.
Examples
The following example shows how to display all parameters for all capture buffers:
Router# show monitor capture buffer all parametersCapture buffer buff (circular buffer)Buffer Size : 262144 bytes, Max Element Size : 68 bytes, Packets : 0Allow-nth-pak : 0, Duration : 0 (seconds), Max packets : 0, pps : 0Associated Capture Points:Configuration:monitor capture buffer buff circularCapture buffer buff1 (linear buffer)Buffer Size : 262144 bytes, Max Element Size : 68 bytes, Packets : 0Allow-nth-pak : 0, Duration : 0 (seconds), Max packets : 0, pps : 0Associated Capture Points:Configuration:Table 77 describes the significant fields shown in the display.
The following example shows how to display a hexadecimal dump of the captured packet. The report is self-explanatory and contains the interface type, switching path of the specified buffer, and a hexadecimal dump for the specified buffer.
Router# show monitor capture buff pktrace1 dump11:13:00.593 EDT Mar 21 2007 : IPv4 Turbo : Fa2/1 Fa0/165B6F500: 080020A2 44D90009 E94F8406 08004500 .. "DY..iO....E.65B6F510: 00400F00 0000FE01 92AF5801 13025801 .@....~../X...X.65B6F520: 58090800 4D1A1169 00000000 0005326C X...M..i......2l65B6F530: 01CCABCD ABCDABCD ABCDABCD ABCDABCD .L+M+M+M+M+M+M+M65B6F540: ABCDABCD ABCDABCD ABCDABCD ABCD00 +M+M+M+M+M+M+M.11:13:20.593 EDT Mar 21 2007 : IPv4 Turbo : Fa2/1 Fa0/165B6F500: 080020A2 44D90009 E94F8406 08004500 .. "DY..iO....E.65B6F510: 00400F02 0000FE01 92AD5801 13025801 .@....~..-X...X.65B6F520: 58090800 FEF91169 00000000 0005326C X...~y.i......2l65B6F530: 4FECABCD ABCDABCD ABCDABCD ABCDABCD Ol+M+M+M+M+M+M+M65B6F540: ABCDABCD ABCDABCD ABCDABCD ABCDFF +M+M+M+M+M+M+M.The following example shows how to display all the capture points:
Router# show monitor capture point allStatus Information for Capture Point ipceffa0/1IPv4 CEFSwitch Path: IPv4 CEF, Capture Buffer: pktrace1Status : InactiveConfiguration:monitor capture point ip cef ipceffa0/1 FastEthernet0/1 bothStatus Information for Capture Point localIPv4 CEFSwitch Path: IPv4 From Us, Capture Buffer: NoneStatus : InactiveTable 78 describes the significant fields shown in the display.
Catalyst 6500 Series and Cisco 7600 Series
The following example shows how to display the captured packets in a specific access control list (ACL):
Router# show monitor capture buffer acl 1Capture instance [1] :======================session status : uprate-limit value : 10000buffer-size : 2097152capture state : ON [running for 00:02:12.736]capture mode : Linearcapture length : 68Table 79 describes the significant fields shown in the display.
The following example shows how to display all the packets in a capture buffer. The report is self-explanatory.
Router# show monitor capture buffer1 IP: s=10.12.0.5 , d=224.0.0.10, len 602 346 0180.c200.000e 0012.44d8.5000 88CC 020707526F73 60 0180.c200.0000 0004.c099.06c5 0026 424203000004 60 ffff.ffff.ffff 0012.44d8.5000 0806 000108000605 IP: s=7.0.84.23 , d=224.0.0.5, len 1166 IP: s=10.12.0.1 , d=224.0.0.10, len 60The following example shows how to display packets that are decoded to the layer 4 protocol level. The report is self-explanatory.
Router# show monitor capture buffer detail1 Arrival time : 09:44:30 UTC Fri Nov 17 2006Packet Length : 74 , Capture Length : 68Ethernet II : 0100.5e00.000a 0008.a4c8.c038 0800IP: s=10.12.0.5 , d=224.0.0.10, len 60, proto=882 Arrival time : 09:44:31 UTC Fri Nov 17 2006Packet Length : 346 , Capture Length : 68346 0180.c200.000e 0012.44d8.5000 88CC 020707526F757463031The following example shows how to display the non-IP packets in hexadecimal dump format. The report is self-explanatory.
Router# show monitor capture buffer dump1 IP: s=10.12.0.5 , d=224.0.0.10, len 6008063810: 0100 5E00000A ..^...08063820: 0008A4C8 C0380800 45C0003C 00000000 ..$H@8..E@.<....08063830: 0258CD8F 0A0C0005 E000000A 0205EE6A .XM.....`.....nj08063840: 00000000 00000000 00000000 00000064 ...............d08063850: 0001000C 01000100 0000000F 0004 ..............2 346 0180.c200.000e 0012.44d8.5000 88CC 020707526F7574657204153 60 0180.c200.0000 0004.c099.06c5 0026 42420300000000008000004 60 ffff.ffff.ffff 0012.44d8.5000 0806 00010800060400010012445 IP: s=7.0.84.23 , d=224.0.0.5, len 1160806FCB0: 0100 5E000005 ..^...0806FCC0: 0015C7D7 AC000800 45C00074 00000000 ..GW,...E@.t....0806FCD0: 01597D55 07005417 E0000005 0201002C .Y}U..T.`......,0806FCE0: 04040404 00000000 00000002 00000010 ................0806FCF0: 455D8A10 FFFF0000 000A1201 0000 E]............The following example shows how to display one hexadecimal line per packet, with up to 72 characters of packet bytes dumped. The report is self-explanatory.
Router# show monitor capture buffer dump nowrap1 74 0100.5e00.000a 0008.a4c8.c038 0800 45C0003C0000002 346 0180.c200.000e 0012.44d8.5000 88CC 020707526F75743 60 0180.c200.0000 0004.c099.06c5 0026 424203000000004 60 ffff.ffff.ffff 0012.44d8.5000 0806 00010800060400Related Commands
show monitor event-trace
To display event trace messages for Cisco IOS software subsystem components, use the show monitor event-trace command in privileged EXEC mode.
show monitor event-trace [all-traces] [component {all | back hour:minute | clock hour:minute | from-boot seconds | latest | parameters}]
Syntax Description
Command Modes
Privileged EXEC (#)
Command History
Usage Guidelines
Use the show monitor event-trace command to display trace message information.
The trace function is not locked while information is being displayed to the console, which means that new trace messages can accumulate in memory. If entries accumulate faster than they can be displayed, some messages can be lost. If this happens, the show monitor event-trace command will generate a message indicating that some messages might be lost; however, messages will continue to display on the console. If the number of lost messages is excessive, the show monitor event-trace command will stop displaying messages.
Use the bfd keyword for the component argument to display trace messages relating to the BFD feature.
Use the cfd keyword for the component argument to display trace messages relating to the crypto fault detection feature. This keyword displays the contents of the error trace buffers in an encryption data path.
Examples
IPC Component Example
The following is sample output from the show monitor event-trace component command for the interprocess communication (IPC) component. Notice that each trace message is numbered and is followed by a time stamp (derived from the device uptime). Following the time stamp is the component-specific message data.
Router# show monitor event-trace ipc3667: 6840.016:Message type:3 Data=01234567893668: 6840.016:Message type:4 Data=01234567893669: 6841.016:Message type:5 Data=01234567893670: 6841.016:Message type:6 Data=0123456BFD Component for Cisco IOS Release 12.2(18)SXE, 12.0(31)S, and 12.4(4)T
Use the show monitor event-trace bfd all command to display logged messages for important BFD events in the recent past. The following trace messages show BFD session state changes:
Router# show monitor event-trace bfd all3d03h: EVENT: Session [172.16.10.2,172.16.10.1,Fa6/0,1], event Sessioncreate, state Unknown -> Fail3d03h: EVENT: Session [172.16.10.2,172.16.10.1,Fa6/0,1], state Fail -> Down(from LC)3d03h: EVENT: Session [172.16.10.2,172.16.10.1,Fa6/0,1], state Down -> Init(from LC)3d03h: EVENT: Session [172.16.10.2,172.16.10.1,Fa6/0,1], state Init -> Up(from LC)3d07h: EVENT: Session [172.16.10.2,172.16.10.1,Fa6/0,2], event Sessioncreate, state Unknown -> Fail3d07h: EVENT: Session [172.16.10.2,172.16.10.1,Fa6/0,2], state Fail -> Down(from LC)3d07h: EVENT: Session [172.16.10.2,172.16.10.1,Fa6/0,2], state Down -> Up(from LC)To display trace information for all components configured for event tracing on the networking device, enter the show monitor event-trace all-traces command. In this example, separate output is provided for each event, and message numbers are interleaved between the events.
Router# show monitor event-trace all-tracesTest1 event trace:3667: 6840.016:Message type:3 Data=01234567893669: 6841.016:Message type:4 Data=01234567893671: 6842.016:Message type:5 Data=01234567893673: 6843.016:Message type:6 Data=0123456789Test2 event trace:3668: 6840.016:Message type:3 Data=01234567893670: 6841.016:Message type:4 Data=01234567893672: 6842.016:Message type:5 Data=01234567893674: 6843.016:Message type:6 Data=0123456789SPA Component Example
The following is sample output from the show monitor event-trace component latest command for the spa component:
Router# show monitor event-trace spa latest00:01:15.364: subslot 2/3: 4xOC3 POS SPA, TSM Event:inserted New state:wait_psm_readyspa type 0x44000:02:02.308: subslot 2/0: not present, TSM Event:empty New state:removespa type 0x0, fail code 0x0(none)00:02:02.308: subslot 2/0: not present, TSM Event:remove_complete New state:idle00:02:02.308: subslot 2/1: not present, TSM Event:empty New state:removespa type 0x0, fail code 0x0(none)00:02:02.308: subslot 2/1: not present, TSM Event:remove_complete New state:idle00:02:02.308: subslot 2/2: not present, TSM Event:empty New state:removespa type 0x0, fail code 0x0(none)00:02:02.308: subslot 2/2: not present, TSM Event:remove_complete New state:idle00:02:02.312: subslot 2/3: not present(plugin 4xOC3 POS SPA), TSM Event:empty Newstate:removespa type 0x0, fail code 0x0(none)00:02:02.312: subslot 2/3: not present, TSM Event:remove_complete New state:idleCisco Express Forwarding Component Examples
If you select Cisco Express Forwarding as the component for which to display event messages, you can use the following additional arguments and keywords: show monitor event-trace cef [events | interface | ipv6 | ipv4][all].
The following example shows the IPv6 or IPv4 events related to the Cisco Express Forwarding component. Each trace message is numbered and is followed by a time stamp (derived from the device uptime). Following the time stamp is the component-specific message data.
Router# show monitor event-trace cef ipv6 all00:00:24.612: [Default] *::*/*'00 New FIB table [OK]Router# show monitor event-trace cef ipv4 all00:00:24.244: [Default] 127.0.0.81/32'01 FIB insert [OK]In the following example, all event trace messages for the Cisco Express Forwarding component are displayed:
Router# show monitor event-trace cef events all00:00:18.884: SubSys fib_ios_chain init00:00:18.884: Inst unknown -> RP00:00:24.584: SubSys fib init00:00:24.592: SubSys fib_ios init00:00:24.592: SubSys fib_ios_if init00:00:24.596: SubSys ipv4fib init00:00:24.608: SubSys ipv4fib_ios init00:00:24.612: SubSys ipv6fib_ios init00:00:24.620: Flag IPv4 CEF enabled set to yes00:00:24.620: Flag 0x7BF6B62C set to yes00:00:24.620: Flag IPv4 CEF switching enabled set to yes00:00:24.624: GState CEF enabled00:00:24.628: SubSys ipv4fib_les init00:00:24.628: SubSys ipv4fib_pas init00:00:24.632: SubSys ipv4fib_util init00:00:25.304: Process Background created00:00:25.304: Flag IPv4 CEF running set to yes00:00:25.304: Process Background event loop enter00:00:25.308: Flag IPv4 CEF switching running set to yesThe following example shows Cisco Express Forwarding interface events:
Router# show monitor event-trace cef interface all00:00:24.624: <empty> (sw 4) Create new00:00:24.624: <empty> (sw 4) SWIDBLnk FastEthernet0/0(4)00:00:24.624: Fa0/0 (sw 4) NameSet00:00:24.624: <empty> (hw 1) Create new00:00:24.624: <empty> (hw 1) HWIDBLnk FastEthernet0/0(1)00:00:24.624: Fa0/0 (hw 1) NameSet00:00:24.624: <empty> (sw 3) Create new00:00:24.624: <empty> (sw 3) SWIDBLnk FastEthernet0/1(3)00:00:24.624: Fa0/1 (sw 3) NameSet00:00:24.624: <empty> (hw 2) Create newCisco Express Forwarding Component Examples for Cisco 10000 Series Routers Only
The following example shows the IPv4 events related to the Cisco Express Forwarding component. Each trace message is numbered and is followed by a time stamp (derived from the device uptime). Following the time stamp is the component-specific message data.
Router# show monitor event-trace cef ipv4 all00:00:48.244: [Default] 127.0.0.81/32'01 FIB insert [OK]In the following example, all event trace message for the Cisco Express Forwarding component are displayed:
Router# show monitor event-trace cef events all00:00:18.884: SubSys fib_ios_chain init00:00:18.884: Inst unknown -> RP00:00:24.584: SubSys fib init00:00:24.592: SubSys fib_ios init00:00:24.592: SubSys fib_ios_if init00:00:24.596: SubSys ipv4fib init00:00:24.608: SubSys ipv4fib_ios init00:00:24.620: Flag IPv4 CEF enabled set to yes00:00:24.620: Flag 0x7BF6B62C set to yes00:00:24.620: Flag IPv4 CEF switching enabled set to yes00:00:24.624: GState CEF enabled00:00:24.628: SubSys ipv4fib_les init00:00:24.628: SubSys ipv4fib_pas init00:00:24.632: SubSys ipv4fib_util init00:00:25.304: Process Background created00:00:25.304: Flag IPv4 CEF running set to yes00:00:25.304: Process Background event loop enter00:00:25.308: Flag IPv4 CEF switching running set to yesThe following examples show Cisco Express Forwarding interface events:
Router# show monitor event-trace cef interface all00:00:24.624: <empty> (sw 4) Create new00:00:24.624: <empty> (sw 4) SWIDBLnk FastEthernet1/0/0(4)00:00:24.624: Fa0/0 (sw 4) NameSet00:00:24.624: <empty> (hw 1) Create new00:00:24.624: <empty> (hw 1) HWIDBLnk FastEthernet1/0/0(1)00:00:24.624: Fa0/0 (hw 1) NameSet00:00:24.624: <empty> (sw 3) Create new00:00:24.624: <empty> (sw 3) SWIDBLnk FastEthernet1/1/0(3)00:00:24.624: Fa0/1 (sw 3) NameSet00:00:24.624: <empty> (hw 2) Create newCFD Component for Cisco IOS Release 12.4(9)T
To troubleshoot errors in an encryption datapath, enter the show monitor event-trace cfd all command. In this example, events are shown separately, each beginning with a time stamp, followed by data from the error trace buffer. Cisco Technical Assistence Center (TAC) engineers can use this information to diagnose the cause of the errors.
Note
Router# show monitor event-trace cfd all00:00:42.452: 450000B4 00060000 FF33B306 02020203 02020204 32040000 F672999C 00000001 7A7690C2 A0A4F8BC E732985C D6FFDCC8 00000001 C0902BD0 A99127AE 8EAA22D4 00:00:44.452: 450000B4 00070000 FF33B305 02020203 02020204 32040000 F672999C 00000002 93C01218 2325B697 3C384CF1 D6FFDCC8 00000002 BFA13E8A D21053ED 0F62AB0E 00:00:46.452: 450000B4 00080000 FF33B304 02020203 02020204 32040000 F672999C 00000003 7D2E11B7 A0BA4110 CC62F91E D6FFDCC8 00000003 7236B930 3240CA8C 9EBB44FF 00:00:48.452: 450000B4 00090000 FF33B303 02020203 02020204 32040000 F672999C 00000004 FB6C80D9 1AADF938 CDE57ABA D6FFDCC8 00000004 E10D8028 6BBD748F 87F5E253 00:00:50.452: 450000B4 000A0000 FF33B302 02020203 02020204 32040000 F672999C 00000005 697C8D9D 35A8799A 2A67E97B D6FFDCC8 00000005 BC21669D 98B29FFF F32670F6 00:00:52.452: 450000B4 000B0000 FF33B301 02020203 02020204 32040000 F672999C 00000006 CA18CBC4 0F387FE0 9095C27C D6FFDCC8 00000006 87A54811 AE3A0517 F8AC4E64Related Commands
show monitor event-trace cpu-report
To display event trace messages for the CPU, use the show monitor event-trace cpu-report command in user EXEC or privileged EXEC mode.
show monitor event-trace cpu-report {brief {all [detail] | back time | clock time | from-boot seconds | [detail] | latest [detail]} | handle handle-number}
Syntax Description
Command Modes
User EXEC (>)
Privileged EXEC (#)Command History
Usage Guidelines
Use the show monitor event-trace cpu-report command with the brief keyword to display the CPU report details. To see individual snapshots, use the show monitor event-trace cpu-report handle handle-number command.
To view the uptime, in seconds, enter the show monitor event-trace cpu-report from-boot ? command.
Examples
To view CPU report details for event tracing on a networking device, enter the show monitor event-trace cpu-report brief all command:
Router# show monitor event-trace cpu-report brief allTimestamp : Handle Name Description00:01:07.320: 1 CPU NoneTo view CPU report details for event tracing on a networking device for the handle number 1, enter the show monitor event-trace cpu-report handle 1 command:
Router# show monitor event-trace cpu-report handle 100:01:07.320: 1 CPU None################################################################################Global Statistics-----------------5 sec CPU util 0%/0% Timestamp 21:03:56Queue Statistics----------------Exec Count Total CPU Response Time Queue Length(avg/max) (avg/max)Critical 1 0 0/0 1/1High 5 0 0/0 1/1Normal 178 0 0/0 2/9Low 15 0 0/0 2/3Common Process Information-------------------------------PID Name Prio Style-------------------------------10 AAA high-capacit M New133 RADIUS TEST CMD M New47 VNM DSPRM MAIN H New58 TurboACL M New97 IP Background M New99 CEF: IPv4 proces L New112 X.25 Background M New117 LFDp Input Proc M New3 Init M OldCPU Intensive processes-------------------------------------------------------------------------------PID Total Exec Quant Burst Burst size Schedcall SchedcallCPUms Count avg/max Count avg/max(ms) Count Per avg/max-------------------------------------------------------------------------------3 820 6 136/236 1 24/24 18 887/15172Priority Suspends------------------------------------PID Exec Count Prio-Susps------------------------------------3 6 1Latencies-------------------------PID Exec Count Latencyavg/max-------------------------10 1 15192/15192133 1 15192/1519258 1 15192/15192112 1 15192/15192117 1 15192/1519299 1 15172/1517247 1 15172/1517297 1 15172/15172################################################################################Global Statistics-----------------5 sec CPU util 0%/0% Timestamp 00:00:00Queue Statistics----------------Exec Count Total CPU Response Time Queue Length(avg/max) (avg/max)Critical 0 0 0/0 0/0High 0 0 0/0 0/0Normal 0 0 0/0 0/0Low 0 0 0/0 0/0Common Process Information-------------------------------PID Name Prio Style-------------------------------CPU Intensive processes-------------------------------------------------------------------------------PID Total Exec Quant Burst Burst size Schedcall SchedcallCPUms Count avg/max Count avg/max(ms) Count Per avg/max-------------------------------------------------------------------------------Priority Suspends------------------------------------PID Exec Count Prio-Susps------------------------------------Latencies-------------------------PID Exec Count Latencyavg/max-------------------------################################################################################Related Commands
show netconf
To display network configuration protocol (NETCONF) information, use the show netconf command in privileged EXEC mode.
show netconf {counters | session | schema}
Syntax Description
Command Modes
Privileged EXEC (#)
Command History
Examples
The following is sample output from the show netconf counters command:
Router# show netconf countersNETCONF CountersConnection Attempts:0: rejected:0 no-hello:0 success:0Transactionstotal:0, success:0, errors:0detailed errors:in-use 0 invalid-value 0 too-big 0missing-attribute 0 bad-attribute 0 unknown-attribute 0missing-element 0 bad-element 0 unknown-element 0unknown-namespace 0 access-denied 0 lock-denied 0resource-denied 0 rollback-failed 0 data-exists 0data-missing 0 operation-not-supported 0 operation-failed 0partial-operation 0The following is sample output from the show netconf session command:
Router# show netconf session(Current | max) sessions: 3 | 4Operations received: 100 Operation errors: 99Connection Requests: 5 Authentication errors: 2 Connection Failures: 0ACL dropped : 30Notifications Sent: 20The output of the show netconf schema command describes the element structure for a NETCONF request and the resulting reply. This schema can be used to construct proper NETCONF requests and parse the resulting replies. The nodes in the schema are defined in RFC 4741. The following is sample output from the show netconf schema command:
Router# show netconf schemaNew Name Space 'urn:ietf:params:xml:ns:netconf:base:1.0'<VirtualRootTag> [0, 1] required<rpc-reply> [0, 1] required<ok> [0, 1] required<data> [0, 1] required<rpc-error> [0, 1] required<error-type> [0, 1] required<error-tag> [0, 1] required<error-severity> [0, 1] required<error-app-tag> [0, 1] required<error-path> [0, 1] required<error-message> [0, 1] required<error-info> [0, 1] required<bad-attribute> [0, 1] required<bad-element> [0, 1] required<ok-element> [0, 1] required<err-element> [0, 1] required<noop-element> [0, 1] required<bad-namespace> [0, 1] required<session-id> [0, 1] required<hello> [0, 1] required<capabilities> 1 required<capability> 1+ required<rpc> [0, 1] required<close-session> [0, 1] required<commit> [0, 1] required<confirmed> [0, 1] required<confirm-timeout> [0, 1] required<copy-config> [0, 1] required<source> 1 required<config> [0, 1] required<cli-config-data> [0, 1] required<cmd> 1+ required<cli-config-data-block> [0, 1] required<xml-config-data> [0, 1] required<Device-Configuration> [0, 1] required<> any subtree is allowed<candidate> [0, 1] required<running> [0, 1] required<startup> [0, 1] required<url> [0, 1] required<target> 1 required<candidate> [0, 1] required<running> [0, 1] required<startup> [0, 1] required<url> [0, 1] required<delete-config> [0, 1] required<target> 1 required<candidate> [0, 1] required<running> [0, 1] required<startup> [0, 1] required<url> [0, 1] required<discard-changes> [0, 1] required<edit-config> [0, 1] required<target> 1 required<candidate> [0, 1] required<running> [0, 1] required<startup> [0, 1] required<url> [0, 1] required<default-operation> [0, 1] required<test-option> [0, 1] required<error-option> [0, 1] required<config> 1 required<cli-config-data> [0, 1] required<cmd> 1+ required<cli-config-data-block> [0, 1] required<xml-config-data> [0, 1] required<Device-Configuration> [0, 1] required<> any subtree is allowed<get> [0, 1] required<filter> [0, 1] required<config-format-text-cmd> [0, 1] required<text-filter-spec> [0, 1] required<config-format-text-block> [0, 1] required<text-filter-spec> [0, 1] required<config-format-xml> [0, 1] required<oper-data-format-text-block> [0, 1] required<show> 1+ required<oper-data-format-xml> [0, 1] required<show> 1+ required<get-config> [0, 1] required<source> 1 required<config> [0, 1] required<cli-config-data> [0, 1] required<cmd> 1+ required<cli-config-data-block> [0, 1] required<xml-config-data> [0, 1] required<Device-Configuration> [0, 1] required<> any subtree is allowed<candidate> [0, 1] required<running> [0, 1] required<startup> [0, 1] required<url> [0, 1] required<filter> [0, 1] required<config-format-text-cmd> [0, 1] required<text-filter-spec> [0, 1] required<config-format-text-block> [0, 1] required<text-filter-spec> [0, 1] required<config-format-xml> [0, 1] required<kill-session> [0, 1] required<session-id> [0, 1] required<lock> [0, 1] required<target> 1 required<candidate> [0, 1] required<running> [0, 1] required<startup> [0, 1] required<url> [0, 1] required<unlock> [0, 1] required<target> 1 required<candidate> [0, 1] required<running> [0, 1] required<startup> [0, 1] required<url> [0, 1] required<validate> [0, 1] required<source> 1 required<config> [0, 1] required<cli-config-data> [0, 1] required<cmd> 1+ required<cli-config-data-block> [0, 1] required<xml-config-data> [0, 1] required<Device-Configuration> [0, 1] required<> any subtree is allowed<candidate> [0, 1] required<running> [0, 1] required<startup> [0, 1] required<url> [0, 1] required<notification-on> [0, 1] required<notification-off> [0, 1] requiredTable 80 describes the significant fields shown in the displays.
Related Commands
show ntp associations
To display the status of Network Time Protocol (NTP) associations, use the show ntp associations command in user EXEC or privileged EXEC mode.
show ntp associations [detail]
Syntax Description
Command Modes
User EXEC (>)
Privileged EXEC (#)Command History
Examples
Detailed descriptions of the information displayed by this command can be found in the NTP specification (RFC 1305).
The following is sample output from the show ntp associations command:
Router> show ntp associationsaddress ref clock st when poll reach delay offset disp~172.31.32.2 172.31.32.1 5 29 1024 377 4.2 -8.59 1.6+~192.168.13.33 192.168.1.111 3 69 128 377 4.1 3.48 2.3*~192.168.13.57 192.168.1.111 3 32 128 377 7.9 11.18 3.6* master (synced), # master (unsynced), + selected, - candidate, ~ configuredTable 81 describes the significant fields shown in the display.
The following is sample output from the show ntp associations detail command:
Router> show ntp associations detail172.31.32.2 configured, insane, invalid, stratum 5ref ID 172.31.32.1, time AFE252C1.6DBDDFF2 (00:12:01.428 PDT Mon Jul 5 1993)our mode active, peer mode active, our poll intvl 1024, peer poll intvl 64root delay 137.77 msec, root disp 142.75, reach 376, sync dist 215.363delay 4.23 msec, offset -8.587 msec, dispersion 1.62precision 2**19, version 3org time AFE252E2.3AC0E887 (00:12:34.229 PDT Mon Jul 5 1993)rcv time AFE252E2.3D7E464D (00:12:34.240 PDT Mon Jul 5 1993)xmt time AFE25301.6F83E753 (00:13:05.435 PDT Mon Jul 5 1993)filtdelay = 4.23 4.14 2.41 5.95 2.37 2.33 4.26 4.33filtoffset = -8.59 -8.82 -9.91 -8.42 -10.51 -10.77 -10.13 -10.11filterror = 0.50 1.48 2.46 3.43 4.41 5.39 6.36 7.34192.168.13.33 configured, selected, sane, valid, stratum 3ref ID 192.168.1.111, time AFE24F0E.14283000 (23:56:14.078 PDT Sun Jul 4 1993)our mode client, peer mode server, our poll intvl 128, peer poll intvl 128root delay 83.72 msec, root disp 217.77, reach 377, sync dist 264.633delay 4.07 msec, offset 3.483 msec, dispersion 2.33precision 2**6, version 3org time AFE252B9.713E9000 (00:11:53.442 PDT Mon Jul 5 1993)rcv time AFE252B9.7124E14A (00:11:53.441 PDT Mon Jul 5 1993)xmt time AFE252B9.6F625195 (00:11:53.435 PDT Mon Jul 5 1993)filtdelay = 6.47 4.07 3.94 3.86 7.31 7.20 9.52 8.71filtoffset = 3.63 3.48 3.06 2.82 4.51 4.57 4.28 4.59filterror = 0.00 1.95 3.91 4.88 5.84 6.82 7.80 8.77192.168.13.57 configured, our_master, sane, valid, stratum 3ref ID 192.168.1.111, time AFE252DC.1F2B3000 (00:12:28.121 PDT Mon Jul 5 1993)our mode client, peer mode server, our poll intvl 128, peer poll intvl 128root delay 125.50 msec, root disp 115.80, reach 377, sync dist 186.157delay 7.86 msec, offset 11.176 msec, dispersion 3.62precision 2**6, version 2org time AFE252DE.77C29000 (00:12:30.467 PDT Mon Jul 5 1993)rcv time AFE252DE.7B2AE40B (00:12:30.481 PDT Mon Jul 5 1993)xmt time AFE252DE.6E6D12E4 (00:12:30.431 PDT Mon Jul 5 1993)filtdelay = 49.21 7.86 8.18 8.80 4.30 4.24 7.58 6.42filtoffset = 11.30 11.18 11.13 11.28 8.91 9.09 9.27 9.57filterror = 0.00 1.95 3.91 4.88 5.78 6.76 7.74 8.71Table 82 describes the significant fields shown in the display.
Related Commands
show ntp status
To display the status of the Network Time Protocol (NTP), use the show ntp status command in user EXEC or privileged EXEC mode.
show ntp status
Syntax Description
This command has no arguments or keywords.
Command Modes
User EXEC (>)
Privileged EXEC (#)Command History
Examples
The following is sample output from the show ntp status command:
Router> show ntp statusClock is synchronized, stratum 4, reference is 192.168.13.57nominal freq is 250.0000 Hz, actual freq is 249.9990 Hz, precision is 2**19reference time is AFE2525E.70597B34 (00:10:22.438 PDT Mon Jul 5 1993)clock offset is 7.33 msec, root delay is 133.36 msecroot dispersion is 126.28 msec, peer dispersion is 5.98 msecTable 83 describes the significant fields shown in the display.
Related Commands
