Getting logs from many systems can be a laborious and sometimes even painful process. You may have to view them semi-interactively from the command line. You may need to pull them off the system via FTP, SFTP, NFS, or some other protocol and then open them in a text editor (often after unzipping the downloaded files). Sometimes there’s a web GUI for viewing the logs, though this often provides only a display that can be copied/pasted & not the backing file(s) themselves.
In the past it’s been just as tedious to get logs off of NetApp FAS systems, but starting with clustered Data ONTAP 8.1.1 NetApp began providing web (HTTPS) access to easily download log files from the controllers. Initially, this access was not enabled by default and needed to be manually configured. Starting with 8.2.1 it is now enabled and accessible out of the box. It’s not the prettiest of interfaces, but it’s quite workable, and in addition to logs it also gives you access to core (crash) files if and when those occur.
When it’s enabled, all you need to do is navigate to the right URL and enter the appropriate credentials. The format of the URLs looks like this:
- Log directory: https://<cluster-mgmt-IP>/spi/<node-name>/etc/log
- Core directory: https://<cluster-mgmt-IP>/spi/<node-name>/etc/crash
The service is accessed via the cluster management IP (or name – you can use the friendly DNS name and not IP), but the logs you’ll be going to are those on each individual node in the cluster. This is giving you access to far more logs than are available through the normal event logs displayed in OnCommand System Manager or via the CLI. In a later post, we’ll go through some of the more interesting and important log files you can access.
With Data ONTAP 8.2.1, the built-in admin account has access to this service by default. If you would like to create another user only for accessing these files (for a junior operator, for example) it’s a simple matter:
- security login create -username <logviewer> -application http -authmethod password
And then enter the password for this new user account.
If you are running versions of clustered Data ONTAP between 8.1.1 – 8.2, here are the steps you’ll need to follow to enable this functionality:
- vserver services web modify -vserver * -name spi -enabled true
- This enables the SPI service on all vservers (only necessary for the cluster and node management vservers)
- vserver services web access create -name spi -role admin -vserver <cluster-name>
- This grants the admin role access to the SPI web service.
- vserver services web access create -name compat -role admin -vserver <cluster-name>
- This grants the admin role access to the compat web service.
- In my testing, this setting was not strictly necessary for accessing the log files, but it is recommended by NetApp Support.
The official NetApp Knowledge Base article for setting up access is here: https://kb.netapp.com/support/index?page=content&id=1013814