CISCO IOSXE syslog field definition help

Started by JFS21045, December 21, 2020, 02:03:39 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

JFS21045

December 21, 2020, 02:03:39 PM
Can some one help explain this syslog format (as it deviates from normal IOS syslog messages)

Dec 15 00:00:00.000: %IOSXE-3-PLATFORM: F0: cpp_cp: QFP:0.0 Thread: 139 TS:00000000000000000000 %IPSEC-3-RECVD_PKT_NOT_IPSEC: Rec'd packet not an IPSEC packet, dest_addr=10.10.10.10, src_addr=1.1.1.1. prot=47

Is there a place that defines the fields (E.G. Thread)?

Is there look-up tables for thread#'s (EG 139 is XXX)?

deanwebb

#1
December 22, 2020, 09:20:18 AM
Yeah, that cpp_cp part up to the next % looks like it's specifying a thread from the switch. The rest of the message looks standard stuff, so I'm gonna wonder if you're able to go to the switch and get a display of the thread IDs and the processes they're associated with. I'd expect that thread 139 to be associated with the IPSEC daemon.
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Вопросы есть? Вопросов нет! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.
Print
Go Up Pages1
User actions