Module related to the EOS various logging tests.
NOTE: The EOS command show logging does not support JSON output format.
VerifyLoggingAccounting
Verifies if AAA accounting logs are generated.
Expected Results
- Success: The test will pass if AAA accounting logs are generated.
- Failure: The test will fail if AAA accounting logs are NOT generated.
Examples
anta.tests.logging:
- VerifyLoggingAccounting:
Source code in anta/tests/logging.py
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406 | class VerifyLoggingAccounting(AntaTest):
"""Verifies if AAA accounting logs are generated.
Expected Results
----------------
* Success: The test will pass if AAA accounting logs are generated.
* Failure: The test will fail if AAA accounting logs are NOT generated.
Examples
--------
```yaml
anta.tests.logging:
- VerifyLoggingAccounting:
```
"""
categories: ClassVar[list[str]] = ["logging"]
commands: ClassVar[list[AntaCommand | AntaTemplate]] = [AntaCommand(command="show aaa accounting logs | tail", ofmt="text")]
@AntaTest.anta_test
def test(self) -> None:
"""Main test function for VerifyLoggingAccounting."""
pattern = r"cmd=show aaa accounting logs"
output = self.instance_commands[0].text_output
if re.search(pattern, output):
self.result.is_success()
else:
self.result.is_failure("AAA accounting logs are not generated")
|
VerifyLoggingEntries
Verifies that the expected log string is present in the last specified log messages.
Expected Results
- Success: The test will pass if the expected log string for the mentioned severity level is present in the last specified log messages.
- Failure: The test will fail if the specified log string is not present in the last specified log messages.
Examples
anta.tests.logging:
- VerifyLoggingEntries:
logging_entries:
- regex_match: ".ACCOUNTING-5-EXEC: cvpadmin ssh."
last_number_messages: 30
severity_level: alerts
- regex_match: ".SPANTREE-6-INTERFACE_ADD:."
last_number_messages: 10
severity_level: critical
Inputs
| Name |
Type |
Description |
Default |
logging_entries |
list[LoggingQuery]
|
List of logging entries and regex match.
|
-
|
Source code in anta/tests/logging.py
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486 | class VerifyLoggingEntries(AntaTest):
"""Verifies that the expected log string is present in the last specified log messages.
Expected Results
----------------
* Success: The test will pass if the expected log string for the mentioned severity level is present in the last specified log messages.
* Failure: The test will fail if the specified log string is not present in the last specified log messages.
Examples
--------
```yaml
anta.tests.logging:
- VerifyLoggingEntries:
logging_entries:
- regex_match: ".ACCOUNTING-5-EXEC: cvpadmin ssh."
last_number_messages: 30
severity_level: alerts
- regex_match: ".SPANTREE-6-INTERFACE_ADD:."
last_number_messages: 10
severity_level: critical
```
"""
categories: ClassVar[list[str]] = ["logging"]
commands: ClassVar[list[AntaCommand | AntaTemplate]] = [
AntaTemplate(template="show logging {last_number_messages} {severity_level}", ofmt="text", use_cache=False)
]
class Input(AntaTest.Input):
"""Input model for the VerifyLoggingEntries test."""
logging_entries: list[LoggingQuery]
"""List of logging entries and regex match."""
def render(self, template: AntaTemplate) -> list[AntaCommand]:
"""Render the template for last number messages and log severity level in the input."""
return [template.render(last_number_messages=entry.last_number_messages, severity_level=entry.severity_level) for entry in self.inputs.logging_entries]
@AntaTest.anta_test
def test(self) -> None:
"""Main test function for VerifyLoggingEntries."""
self.result.is_success()
for command_output, logging_entry in zip(self.instance_commands, self.inputs.logging_entries):
output = command_output.text_output
if not re.search(logging_entry.regex_match, output):
self.result.is_failure(
f"Pattern: {logging_entry.regex_match} - Not found in last {logging_entry.last_number_messages} {logging_entry.severity_level} log entries"
)
|
VerifyLoggingErrors
Verifies there are no syslog messages with a severity of ERRORS or higher.
Expected Results
- Success: The test will pass if there are NO syslog messages with a severity of ERRORS or higher.
- Failure: The test will fail if ERRORS or higher syslog messages are present.
Examples
anta.tests.logging:
- VerifyLoggingErrors:
Source code in anta/tests/logging.py
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436 | class VerifyLoggingErrors(AntaTest):
"""Verifies there are no syslog messages with a severity of ERRORS or higher.
Expected Results
----------------
* Success: The test will pass if there are NO syslog messages with a severity of ERRORS or higher.
* Failure: The test will fail if ERRORS or higher syslog messages are present.
Examples
--------
```yaml
anta.tests.logging:
- VerifyLoggingErrors:
```
"""
categories: ClassVar[list[str]] = ["logging"]
commands: ClassVar[list[AntaCommand | AntaTemplate]] = [AntaCommand(command="show logging threshold errors", ofmt="text")]
@AntaTest.anta_test
def test(self) -> None:
"""Main test function for VerifyLoggingErrors."""
command_output = self.instance_commands[0].text_output
if len(command_output) == 0:
self.result.is_success()
else:
self.result.is_failure("Device has reported syslog messages with a severity of ERRORS or higher")
|
VerifyLoggingHostname
Verifies if logs are generated with the device FQDN.
This test performs the following checks:
- Retrieves the device’s configured FQDN.
- Sends a test log message at the specified severity log level.
- Retrieves the most recent logs (last 30 seconds).
- Verifies that the test message includes the complete FQDN of the device.
Expected Results
- Success: If logs are generated with the device’s complete FQDN.
- Failure: If any of the following occur:
- The test message is not found in recent logs.
- The log message does not include the device’s FQDN.
- The FQDN in the log message doesn’t match the configured FQDN.
Examples
anta.tests.logging:
- VerifyLoggingHostname:
severity_level: informational
Inputs
| Name |
Type |
Description |
Default |
severity_level |
LogSeverityLevel
|
Log severity level. Defaults to informational.
|
'informational'
|
Source code in anta/tests/logging.py
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314 | class VerifyLoggingHostname(AntaTest):
"""Verifies if logs are generated with the device FQDN.
This test performs the following checks:
1. Retrieves the device's configured FQDN.
2. Sends a test log message at the specified severity log level.
3. Retrieves the most recent logs (last 30 seconds).
4. Verifies that the test message includes the complete FQDN of the device.
Expected Results
----------------
* Success: If logs are generated with the device's complete FQDN.
* Failure: If any of the following occur:
- The test message is not found in recent logs.
- The log message does not include the device's FQDN.
- The FQDN in the log message doesn't match the configured FQDN.
Examples
--------
```yaml
anta.tests.logging:
- VerifyLoggingHostname:
severity_level: informational
```
"""
categories: ClassVar[list[str]] = ["logging"]
commands: ClassVar[list[AntaCommand | AntaTemplate]] = [
AntaCommand(command="show hostname", revision=1),
AntaTemplate(template="send log level {severity_level} message ANTA VerifyLoggingHostname validation", ofmt="text"),
AntaTemplate(template="show logging {severity_level} last 30 seconds | grep ANTA", ofmt="text", use_cache=False),
]
class Input(AntaTest.Input):
"""Input model for the VerifyLoggingHostname test."""
severity_level: LogSeverityLevel = "informational"
"""Log severity level. Defaults to informational."""
def render(self, template: AntaTemplate) -> list[AntaCommand]:
"""Render the template for log severity level in the input."""
return [template.render(severity_level=self.inputs.severity_level)]
@AntaTest.anta_test
def test(self) -> None:
"""Main test function for VerifyLoggingHostname."""
output_hostname = self.instance_commands[0].json_output
output_logging = self.instance_commands[2].text_output
fqdn = output_hostname["fqdn"]
lines = output_logging.strip().split("\n")[::-1]
log_pattern = r"ANTA VerifyLoggingHostname validation"
last_line_with_pattern = ""
for line in lines:
if re.search(log_pattern, line):
last_line_with_pattern = line
break
if fqdn in last_line_with_pattern:
self.result.is_success()
else:
self.result.is_failure("Logs are not generated with the device FQDN")
|
VerifyLoggingHosts
Verifies logging hosts (syslog servers) for a specified VRF.
Expected Results
- Success: The test will pass if the provided syslog servers are configured in the specified VRF.
- Failure: The test will fail if the provided syslog servers are NOT configured in the specified VRF.
Examples
anta.tests.logging:
- VerifyLoggingHosts:
hosts:
- 1.1.1.1
- 2.2.2.2
vrf: default
Inputs
| Name |
Type |
Description |
Default |
hosts |
list[IPv4Address]
|
List of hosts (syslog servers) IP addresses.
|
-
|
vrf |
str
|
The name of the VRF to transport log messages. Defaults to `default`.
|
'default'
|
Source code in anta/tests/logging.py
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196 | class VerifyLoggingHosts(AntaTest):
"""Verifies logging hosts (syslog servers) for a specified VRF.
Expected Results
----------------
* Success: The test will pass if the provided syslog servers are configured in the specified VRF.
* Failure: The test will fail if the provided syslog servers are NOT configured in the specified VRF.
Examples
--------
```yaml
anta.tests.logging:
- VerifyLoggingHosts:
hosts:
- 1.1.1.1
- 2.2.2.2
vrf: default
```
"""
categories: ClassVar[list[str]] = ["logging"]
commands: ClassVar[list[AntaCommand | AntaTemplate]] = [AntaCommand(command="show logging", ofmt="text")]
class Input(AntaTest.Input):
"""Input model for the VerifyLoggingHosts test."""
hosts: list[IPv4Address]
"""List of hosts (syslog servers) IP addresses."""
vrf: str = "default"
"""The name of the VRF to transport log messages. Defaults to `default`."""
@AntaTest.anta_test
def test(self) -> None:
"""Main test function for VerifyLoggingHosts."""
output = self.instance_commands[0].text_output
not_configured = []
for host in self.inputs.hosts:
pattern = rf"Logging to '{host!s}'.*VRF {self.inputs.vrf}"
if not re.search(pattern, _get_logging_states(self.logger, output)):
not_configured.append(str(host))
if not not_configured:
self.result.is_success()
else:
self.result.is_failure(f"Syslog servers {', '.join(not_configured)} are not configured in VRF {self.inputs.vrf}")
|
VerifyLoggingLogsGeneration
Verifies if logs are generated.
This test performs the following checks:
- Sends a test log message at the specified severity log level.
- Retrieves the most recent logs (last 30 seconds).
- Verifies that the test message was successfully logged.
Expected Results
- Success: If logs are being generated and the test message is found in recent logs.
- Failure: If any of the following occur:
- The test message is not found in recent logs.
- The logging system is not capturing new messages.
- No logs are being generated.
Examples
anta.tests.logging:
- VerifyLoggingLogsGeneration:
severity_level: informational
Inputs
| Name |
Type |
Description |
Default |
severity_level |
LogSeverityLevel
|
Log severity level. Defaults to informational.
|
'informational'
|
Source code in anta/tests/logging.py
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251 | class VerifyLoggingLogsGeneration(AntaTest):
"""Verifies if logs are generated.
This test performs the following checks:
1. Sends a test log message at the specified severity log level.
2. Retrieves the most recent logs (last 30 seconds).
3. Verifies that the test message was successfully logged.
Expected Results
----------------
* Success: If logs are being generated and the test message is found in recent logs.
* Failure: If any of the following occur:
- The test message is not found in recent logs.
- The logging system is not capturing new messages.
- No logs are being generated.
Examples
--------
```yaml
anta.tests.logging:
- VerifyLoggingLogsGeneration:
severity_level: informational
```
"""
categories: ClassVar[list[str]] = ["logging"]
commands: ClassVar[list[AntaCommand | AntaTemplate]] = [
AntaTemplate(template="send log level {severity_level} message ANTA VerifyLoggingLogsGeneration validation", ofmt="text"),
AntaTemplate(template="show logging {severity_level} last 30 seconds | grep ANTA", ofmt="text", use_cache=False),
]
class Input(AntaTest.Input):
"""Input model for the VerifyLoggingLogsGeneration test."""
severity_level: LogSeverityLevel = "informational"
"""Log severity level. Defaults to informational."""
def render(self, template: AntaTemplate) -> list[AntaCommand]:
"""Render the template for log severity level in the input."""
return [template.render(severity_level=self.inputs.severity_level)]
@AntaTest.anta_test
def test(self) -> None:
"""Main test function for VerifyLoggingLogsGeneration."""
log_pattern = r"ANTA VerifyLoggingLogsGeneration validation"
output = self.instance_commands[1].text_output
lines = output.strip().split("\n")[::-1]
for line in lines:
if re.search(log_pattern, line):
self.result.is_success()
return
self.result.is_failure("Logs are not generated")
|
VerifyLoggingPersistent
Verifies if logging persistent is enabled and logs are saved in flash.
Expected Results
- Success: The test will pass if logging persistent is enabled and logs are in flash.
- Failure: The test will fail if logging persistent is disabled or no logs are saved in flash.
Examples
anta.tests.logging:
- VerifyLoggingPersistent:
Source code in anta/tests/logging.py
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109 | class VerifyLoggingPersistent(AntaTest):
"""Verifies if logging persistent is enabled and logs are saved in flash.
Expected Results
----------------
* Success: The test will pass if logging persistent is enabled and logs are in flash.
* Failure: The test will fail if logging persistent is disabled or no logs are saved in flash.
Examples
--------
```yaml
anta.tests.logging:
- VerifyLoggingPersistent:
```
"""
categories: ClassVar[list[str]] = ["logging"]
commands: ClassVar[list[AntaCommand | AntaTemplate]] = [
AntaCommand(command="show logging", ofmt="text"),
AntaCommand(command="dir flash:/persist/messages", ofmt="text"),
]
@AntaTest.anta_test
def test(self) -> None:
"""Main test function for VerifyLoggingPersistent."""
self.result.is_success()
log_output = self.instance_commands[0].text_output
dir_flash_output = self.instance_commands[1].text_output
if "Persistent logging: disabled" in _get_logging_states(self.logger, log_output):
self.result.is_failure("Persistent logging is disabled")
return
pattern = r"-rw-\s+(\d+)"
persist_logs = re.search(pattern, dir_flash_output)
if not persist_logs or int(persist_logs.group(1)) == 0:
self.result.is_failure("No persistent logs are saved in flash")
|
VerifyLoggingSourceIntf
Verifies logging source-interface for a specified VRF.
Expected Results
- Success: The test will pass if the provided logging source-interface is configured in the specified VRF.
- Failure: The test will fail if the provided logging source-interface is NOT configured in the specified VRF.
Examples
anta.tests.logging:
- VerifyLoggingSourceIntf:
interface: Management0
vrf: default
Inputs
| Name |
Type |
Description |
Default |
interface |
str
|
Source-interface to use as source IP of log messages.
|
-
|
vrf |
str
|
The name of the VRF to transport log messages. Defaults to `default`.
|
'default'
|
Source code in anta/tests/logging.py
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149 | class VerifyLoggingSourceIntf(AntaTest):
"""Verifies logging source-interface for a specified VRF.
Expected Results
----------------
* Success: The test will pass if the provided logging source-interface is configured in the specified VRF.
* Failure: The test will fail if the provided logging source-interface is NOT configured in the specified VRF.
Examples
--------
```yaml
anta.tests.logging:
- VerifyLoggingSourceIntf:
interface: Management0
vrf: default
```
"""
categories: ClassVar[list[str]] = ["logging"]
commands: ClassVar[list[AntaCommand | AntaTemplate]] = [AntaCommand(command="show logging", ofmt="text")]
class Input(AntaTest.Input):
"""Input model for the VerifyLoggingSourceIntf test."""
interface: str
"""Source-interface to use as source IP of log messages."""
vrf: str = "default"
"""The name of the VRF to transport log messages. Defaults to `default`."""
@AntaTest.anta_test
def test(self) -> None:
"""Main test function for VerifyLoggingSourceIntf."""
output = self.instance_commands[0].text_output
pattern = rf"Logging source-interface '{self.inputs.interface}'.*VRF {self.inputs.vrf}"
if re.search(pattern, _get_logging_states(self.logger, output)):
self.result.is_success()
else:
self.result.is_failure(f"Source-interface: {self.inputs.interface} VRF: {self.inputs.vrf} - Not configured")
|
VerifyLoggingTimestamp
Verifies if logs are generated with the appropriate timestamp.
This test performs the following checks:
- Sends a test log message at the specified severity log level.
- Retrieves the most recent logs (last 30 seconds).
- Verifies that the test message is present with a high-resolution RFC3339 timestamp format.
- Example format:
2024-01-25T15:30:45.123456+00:00.
- Includes microsecond precision.
- Contains timezone offset.
Expected Results
- Success: If logs are generated with the correct high-resolution RFC3339 timestamp format.
- Failure: If any of the following occur:
- The test message is not found in recent logs.
- The timestamp format does not match the expected RFC3339 format.
Examples
anta.tests.logging:
- VerifyLoggingTimestamp:
severity_level: informational
Inputs
| Name |
Type |
Description |
Default |
severity_level |
LogSeverityLevel
|
Log severity level. Defaults to informational.
|
'informational'
|
Source code in anta/tests/logging.py
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376 | class VerifyLoggingTimestamp(AntaTest):
"""Verifies if logs are generated with the appropriate timestamp.
This test performs the following checks:
1. Sends a test log message at the specified severity log level.
2. Retrieves the most recent logs (last 30 seconds).
3. Verifies that the test message is present with a high-resolution RFC3339 timestamp format.
- Example format: `2024-01-25T15:30:45.123456+00:00`.
- Includes microsecond precision.
- Contains timezone offset.
Expected Results
----------------
* Success: If logs are generated with the correct high-resolution RFC3339 timestamp format.
* Failure: If any of the following occur:
- The test message is not found in recent logs.
- The timestamp format does not match the expected RFC3339 format.
Examples
--------
```yaml
anta.tests.logging:
- VerifyLoggingTimestamp:
severity_level: informational
```
"""
categories: ClassVar[list[str]] = ["logging"]
commands: ClassVar[list[AntaCommand | AntaTemplate]] = [
AntaTemplate(template="send log level {severity_level} message ANTA VerifyLoggingTimestamp validation", ofmt="text"),
AntaTemplate(template="show logging {severity_level} last 30 seconds | grep ANTA", ofmt="text", use_cache=False),
]
class Input(AntaTest.Input):
"""Input model for the VerifyLoggingTimestamp test."""
severity_level: LogSeverityLevel = "informational"
"""Log severity level. Defaults to informational."""
def render(self, template: AntaTemplate) -> list[AntaCommand]:
"""Render the template for log severity level in the input."""
return [template.render(severity_level=self.inputs.severity_level)]
@AntaTest.anta_test
def test(self) -> None:
"""Main test function for VerifyLoggingTimestamp."""
log_pattern = r"ANTA VerifyLoggingTimestamp validation"
timestamp_pattern = r"\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}\.\d{6}[+-]\d{2}:\d{2}"
output = self.instance_commands[1].text_output
lines = output.strip().split("\n")[::-1]
last_line_with_pattern = ""
for line in lines:
if re.search(log_pattern, line):
last_line_with_pattern = line
break
if re.search(timestamp_pattern, last_line_with_pattern):
self.result.is_success()
else:
self.result.is_failure("Logs are not generated with the appropriate timestamp format")
|
VerifySyslogLogging
Verifies if syslog logging is enabled.
Expected Results
- Success: The test will pass if syslog logging is enabled.
- Failure: The test will fail if syslog logging is disabled.
Examples
anta.tests.logging:
- VerifySyslogLogging:
Source code in anta/tests/logging.py
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72 | class VerifySyslogLogging(AntaTest):
"""Verifies if syslog logging is enabled.
Expected Results
----------------
* Success: The test will pass if syslog logging is enabled.
* Failure: The test will fail if syslog logging is disabled.
Examples
--------
```yaml
anta.tests.logging:
- VerifySyslogLogging:
```
"""
categories: ClassVar[list[str]] = ["logging"]
commands: ClassVar[list[AntaCommand | AntaTemplate]] = [AntaCommand(command="show logging", ofmt="text")]
@AntaTest.anta_test
def test(self) -> None:
"""Main test function for VerifySyslogLogging."""
self.result.is_success()
log_output = self.instance_commands[0].text_output
if "Syslog logging: enabled" not in _get_logging_states(self.logger, log_output):
self.result.is_failure("Syslog logging is disabled")
|
_get_logging_states
_get_logging_states(
logger: Logger, command_output: str
) -> str
Parse show logging output and gets operational logging states used in the tests in this module.
Parameters:
| Name |
Type |
Description |
Default |
logger
|
Logger
|
|
required
|
command_output
|
str
|
|
required
|
Returns:
| Type |
Description |
str
|
The operational logging states.
|
Source code in anta/tests/logging.py
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43 | def _get_logging_states(logger: logging.Logger, command_output: str) -> str:
"""Parse `show logging` output and gets operational logging states used in the tests in this module.
Parameters
----------
logger
The logger object.
command_output
The `show logging` output.
Returns
-------
str
The operational logging states.
"""
log_states = command_output.partition("\n\nExternal configuration:")[0]
logger.debug("Device logging states:\n%s", log_states)
return log_states
|