提问要多花一点心思哦

有没有用ELK收集数据中心所有网络设备日志的解决方案?

资料分享 | 作者 Klein | 发布于2019年09月06日 | 阅读数:5070

目前,我们数据中心的所有网络设备的日志都发到syslog server存储,需要查问题的时候,登上去用grep, sed命令什么的去查,效率比较低。现在想部署一套ELK来提高查找问题的效率,并进一步设置一些告警规则。目前,通路已经调通,网络设备的日志已传到elasticsearch服务器上,但从kibana上,似乎也没看到有多好用,能生成什么图标。网上查了一下资料,也都是讲如何配置通路的。对如何使用kibana,对网络设备的数据进行优化处理的基本没有。不知道,哪里有相关的解决方案可以参考一下。网络设备也就是通用的cisco,H3C交换机,路由器,Juniper防火墙,F5的bigip等通用设备。(当然,所有网络设备已经被Zabbix监控。)
已邀请:

Klein

赞同来自: leoelk echoyangjx leo_minorui

发布消息之后,一直没有回复,只能自己摸索。后来发现,是mapping没有做好,所以强大的搜索功能显示不出来。曾经试过filebeat中的cisco module,但发现它并不能把日志中的字段识别出来。后来在logstash中,使用dissect把日志中的关键字段取了出来,才能制作virtulization和dashboard. 目前还有些小毛病,还在继续研究中。

Klein

赞同来自: sony_zhang chenjiale0055

经过自己的努力,基本上将三种网络设备的日志成功提取出来,导入ES,并制作了仪表盘,logstash的配置文件放在这里做个纪念。也请高手提意见。
 
现在仍有的问题是,filter里面的date仍然工作不正常。虽然我开始做第一个日志分析时,可以成功。但不知道为什么现在不行了。现在的配置,在日志中显示_dateparsefailure, 我知道原因(就是我从日志中提取出来的日期字符串中月和日之间有两个空格,而我这个配置中只有一个空格),但是一旦我修改成两个空格,ES中就没有数据了。怀疑是logstash匹配失败给丢弃了。目前正准备打开logstash的debug日志,查找原因。
 
logstash.confinput {
  beats {
    port => 5044
  }
}

filter {
  if "Hillstone" in [tags] {
    grok {
      patterns_dir => ["/usr/share/logstash/pipeline/patterns"]
      match => { "message" => "%{HILLSTONELOGBASE}: %{HILLSTONETRAFFICLOG}" }
      match => { "message" => "%{HILLSTONELOGBASE}: %{HILLSTONEFW43240501}" }
      match => { "message" => "%{HILLSTONELOGBASE}: %{HILLSTONETHREATLOG}" }
    }
    date {
      match => [ "ts", "MMM d HH:mm:ss" ]
    }
  }

  if "H3C" in [tags] {
    dissect {
      mapping => {
        # The following mapping worked for H3C switch and router log
        "message" => "%{event_timestamp->} %{+event_timestamp} %{+event_timestamp} %{+event_timestamp} %{src} %{module}/%{severity}/%{MNEMONIC}: %{msg}"
      }
    }
  }
}

output {
  if "Hillstone" in [tags] {
    elasticsearch {
      hosts => ["192.168.100.110:9200"]
      index => "%{[@metadata][beat]}-%{[@metadata][version]}-%{+YYYY.MM.dd}"
    }
  }
  if "H3C" in [tags] {
    elasticsearch {
      hosts => ["192.168.100.110:9200"]
      index => "logstash-%{+YYYY.MM.dd}"
    }
  }
}

注:上述配置文件中,Hillstone是国产山石防火墙,而下面的日志是H3C的交换机和路由器的防火墙日志。
 

Klein

赞同来自: sony_zhang chenjiale0055

date的问题已经找到并解决。原因是发过来的日志的时间是北京时间,而ES是使用UTC时间。在date转换时,如果没有timezone的设置,logstash会把日志中的时间当做是UTC时间,入库时,就会发生错误,因为超过了当前的时间,所以被丢弃了。在date中加入timezone参数,就可以完美的解决这个问题。下面是配置信息。目前我已将所有日志中的时间戳作为timestamp导入es中。
 
    date {
      timezone => "Asia/Shanghai"
      match => [ "ts", "MMM dd HH:mm:ss", "MMM  d HH:mm:ss" ]
    }
 
 
 

chenjiale0055

赞同来自:

跟兄弟设备和环境基本一样~~正在开始搭建环境,,学习

Felixw

赞同来自:

你好,楼主,有没有完整的思路提供一下,比如交换机的日志是先导入rsyslog当中吗?

Klein

赞同来自:

是的。交换机传到rsyslogd, 再通过filebeat传到logstash, logstash进行日志格式化以后,导入es,然后在kibana查询数据和制作仪表盘。
 
Switch/Router/SSLVPN/Firewall -> rsyslogd -> filebeat -> logstash -> elasticsearch <- kibana
 
我用docker建的测试环境,完成上述流程。本想从filebeat直接到es,但filebeat自带的module不支持我的网络设备,只能再走一遍logstash. 当然,也可以让直接让logstash和rsyslogd配合,跳过filebeat。不过以后抓服务器日志,应该还是filebeat去取会好一些。

496859932asd

赞同来自:

大佬 我怎么判断filebeat获取到rsyslogd传过来日志了?  rsyslogd -> filebeat -> logstash -> elasticsearch 这中间怎么判断收到前面传过来的数据了?

Hicer - 90后怪蜀黍

赞同来自:

Switch/Router/SSLVPN/Firewall -> rsyslogd -> filebeat -> logstash -> elasticsearch <- kibana
 
这里能不能把网络设备里日志服务器IP配成filebeat的IP,把rsyslog省略掉,让filebeat去监听个端口号。

leo_minorui

赞同来自:

有在github找到一个但对我的设备切割不了message:
 
#
# INPUT - Logstash listens on port 8514 for these logs.
#

input {
  udp {
    port => "8514"
    type => "log"
  }
  
  tcp {
    port => "8514"
    type => "syslog-cisco"
  }
}

#
# FILTER - Try to parse the cisco log format
#
# Configuration:
#   clock timezone ARIZONA -7
#   no clock summer-time
#   ntp server 0.0.0.0 prefer
#   ntp server 129.6.15.28
#   ntp server 131.107.13.100
#   service timestamps log datetime msec show-timezone
#   service timestamps debug datetime msec show-timezone
#   logging source-interface Loopback0
#   ! Two logging servers for redundancy
#   logging host 0.0.0.0 transport tcp port 8514
#   logging host 0.0.0.0 transport tcp port 8514
#   logging trap 6

filter {
  # NOTE: The frontend logstash servers set the type of incoming messages.
  if [type] == "syslog-cisco" {
    # The switches are sending the same message to all syslog servers for redundancy, this allows us to
    ## only store the message in elasticsearch once by generating a hash of the message and using that as
    ## the document_id.
    fingerprint {
      source              => [ "message" ]
      method              => "SHA1"
      key                 => "Some super secret passphrase for uniqueness."
      concatenate_sources => true
    }

    # Parse the log entry into sections.  Cisco doesn't use a consistent log format, unfortunately.
    grok {
      # There are a couple of custom patterns associated with this filter.
      patterns_dir => [ "/opt/logstash/patterns" ]

      match => [
        # IOS
        "message", "%{RSYSLOG}(%{NUMBER:log_sequence#})?:( %{NUMBER}:)? %{CISCOTIMESTAMPTZ:log_date}: %%{CISCO_REASON:facility}-%{INT:severity_level}-%{CISCO_REASON:facility_mnemonic}: %{GREEDYDATA:message}",
        "message", "%{RSYSLOG}(%{NUMBER:log_sequence#})?:( %{NUMBER}:)? %{CISCOTIMESTAMPTZ:log_date}: %%{CISCO_REASON:facility}-%{CISCO_REASON:facility_sub}-%{INT:severity_level}-%{CISCO_REASON:facility_mnemonic}: %{GREEDYDATA:message}",
                     {SYSLOGTIMESTAMP:timestamp} %{SYSLOGHOST:logsource} ((%{NUMBER:log_sequence#})?:( %{NUMBER}:)? )?%{CISCOTIMESTAMPTZ:log_date}: %%{CISCO_REASON:facility}-%{CISCO_REASON:facility_sub}-%{INT:severity_level}-%{CISCO_REASON:facility_mnemonic}: %{GREEDYDATA:message}
        # Nexus
        "message", "%{SYSLOG5424PRI}(%{NUMBER:log_sequence#})?: %{NEXUSTIMESTAMP:log_date}: %%{CISCO_REASON:facility}-%{INT:severity_level}-%{CISCO_REASON:facility_mnemonic}: %{GREEDYDATA:message}",
        "message", "%{SYSLOG5424PRI}(%{NUMBER:log_sequence#})?: %{NEXUSTIMESTAMP:log_date}: %%{CISCO_REASON:facility}-%{CISCO_REASON:facility_sub}-%{INT:severity_level}-%{CISCO_REASON:facility_mnemonic}: %{GREEDYDATA:message}"
      ]

      overwrite => [ "message" ]

      add_tag => [ "cisco" ]

      remove_field => [ "syslog5424_pri", "@version" ]
    }
  }

  # If we made it here, the grok was sucessful
  if "cisco" in [tags] {
    date {
      match => [
        "log_date",

        # IOS
        "MMM dd HH:mm:ss.SSS ZZZ",
        "MMM dd HH:mm:ss ZZZ",
        "MMM dd HH:mm:ss.SSS",
        
        # Nexus
        "YYYY MMM dd HH:mm:ss.SSS ZZZ",
        "YYYY MMM dd HH:mm:ss ZZZ",
        "YYYY MMM dd HH:mm:ss.SSS",
        
        # Hail marry
        "ISO8601"
      ]
    }

    # Add the log level's name instead of just a number.
    mutate {
      gsub => [
        "severity_level", "0", "0 - Emergency",
        "severity_level", "1", "1 - Alert",
        "severity_level", "2", "2 - Critical",
        "severity_level", "3", "3 - Error",
        "severity_level", "4", "4 - Warning",
        "severity_level", "5", "5 - Notification",
        "severity_level", "6", "6 - Informational"
      ]
    }

    # Translate the short facility name into a full name.
    # NOTE:  This is a third party plugin: logstash-filter-translate
    translate {
      field       => "facility"
      destination => "facility_full"

      dictionary => [
        "AAA", "Authentication, authorization, and accounting",
        "AAA_CACHE", "Authentication, authorization, and accounting cache",
        "AAAA", "TACACS+ authentication, authorization, and accounting security",
        "AAL5", "ATM Adaptation Layer 5",
        "AC", "Attachment circuit",
        "ACCESS_IE", "Access information element",
        "ACE", "Access control encryption",
        "ACL_ASIC", "Access control list ASIC",
        "ACLMERGE", "Access control list merge",
        "ACLMGR", "Access control list manager",
        "ADAPTER", "CMCC adapter task",
        "ADJ", "Adjacency subsystem",
        "AESOP_AIM", "Service engine advanced interface module",
        "AFLSEC", "Accelerated Flow Logging Security",
        "AHDLC_TRINIAN", "PPP in HDLC-like framing device driver",
        "AICMGMT", "Alarm interface controller management",
        "AIM", "Advanced Interface Module (AIM)",
        "AIP", "ATM Interface Processor",
        "ALARM", "Telco chassis alarm related",
        "ALC", "ATM line card (ALC)",
        "ALIGN", "Memory optimization in Reduced Instruction Set Computer (RISC) processor",
        "ALPS", "Airline Protocol Support",
        "AMD79C971_FE", "Am79C971 Fast Ethernet device driver",
        "AMDP2_FE", "AMDP2 Ethernet and Fast Ethernet",
        "AP", "Authentication Proxy (AP)",
        "APPFW", "APPFW for HTTP subsystem",
        "APS", "Automatic Protection Switching",
        "ARAP", "Apple Remote Access Protocol (ARAP)",
        "ARCHIVE_CONFIG", "Archive configuration-related",
        "ARCHIVE_DIFF", "Archive Diff and Rollback-related",
        "AS5400", "Cisco AS5400 platform",
        "AS5400_ENVM", "Cisco AS5400 environmental monitor",
        "ASPP", "Asynchronous Security Protocol (ASPP)",
        "AT", "AppleTalk (AT)",
        "ATM", "Asynchronous Transfer Mode",
        "ATM_AIM", "ATM advanced module",
        "ATMCES", "ATM access concentrator PCI port adapter driver",
        "ATMCORE", "ATM core",
        "ATMLC", "Cisco 7300 ATM line card software",
        "ATMOC3", "ATM OC-3 network module",
        "ATMOC3POM", "ATM- OC3-POM module",
        "ATMPA", "ATM port adapter",
        "ATMSIG", "ATM signaling subsystem",
        "ATMSPA", "ATM Shared Port Adapter",
        "ATMSSCOP", "ATM Service Specific Connection Oriented Protocol (SSCOP)",
        "ATOM_NP_CLIENT", "Any Transport over MPLS NP client",
        "ATOM_SEG", "Any Transport Over MPLS (AToM) Segment Handler",
        "ATOM_TRANS", "Layer 2 Transport over MPLS",
        "AUDIT", "Audit feature",
        "AUTORP", "PIMv2 AUTORP",
        "AUTOSEC", "AutoSecure",
        "AUTOSHUT", "Autoshut",
        "AUTOSTATE", "Autostate feature",
        "BACKPLANE_BUS_ASIC", "Backplane bus ASIC",
        "BAMBAM", "One-port Fast Ethernet with coprocessor assist",
        "BAP", "PPP Bandwidth Allocation Protocol (BAP)",
        "BAT", "Power supply (BAT)",
        "BCM", "Broadcom switch controller",
        "BCM3220", "Cable modem MAC controller interface",
        "BCM56XX", "BCM56XX control layer",
        "BCM_GEWAN", "Messages related to the Cisco 3800 system controller",
        "BERT", "Bit error rate tester (BERT)",
        "BFD", "Bidirectional Forwarding Detection",
        "BFDFSM", "BFD finite state machine",
        "BGP", "Border Gateway Protocol",
        "BGP_MPLS", "BGP MPLS common",
        "BIT", "Dynamic bitlist",
        "BOOMERANG", "Boomerang distributed reverse proxy server",
        "BRI", "ISDN Basic Rate Interface",
        "BRIMUX", "Cisco AS5200 BRIMUX board",
        "BSC", "Binary Synchronous Communications protocol",
        "BSQ", "Buffer status queue processing",
        "BSR", "Bootstrap router",
        "BSTUN", "Block serial tunneling (BSTUN)",
        "BUNDLES", "Bundles",
        "C1400", "Cisco 1400 platform",
        "C_GIGE", "Dual-port Gigabit Ethernet back card subsystem",
        "C10K", "Cisco 10000",
        "C10K_APS", "NSP APS",
        "C10KATM", "Cisco 10000 ATM",
        "C10KCARDISSU", "Cisco 10000 Card ISSU",
        "C10KCHE1T1", "Cisco 10000 T1 line card",
        "C10KCHKPT", "Cisco 10000 Checkpoint facility",
        "C10KET", "Cisco 10000 ET",
        "C10KEVENTMGR", "Event Manager subsystem",
        "C10KGE", "Gigabit Ethernet subsystem",
        "C10KHHCT3", "Cisco 10000 HH Channelized T3",
        "C10KINT", "Cisco 10000 interrupt infrastructure",
        "C10KISSU", "Cisco 10000 In Service Software Upgrade",
        "C10K_IEDGE", "Cisco 10000 iEdge",
        "C10K_LFI_GENERAL", "Cisco 10000 Link Fragmentation and Interleaving",
        "C10K_MULTILINK_FRAGSIZE_BELOW_MIN_WARNING", "Cisco 10000 PXF Multilink fragment size below minimum warning",
        "C10K_QOS_GENERAL", "Cisco 10000 Quality of Service (QoS)",
        "C10K_QUEUE_CFG_GENERAL", "Cisco 10000 PXF queuing configuration",
        "C10K_TOASTER", "Cisco 10000 toaster",
        "C1400_PCI", "Protocol control information (PCI) bus for Cisco 1400 platform",
        "C1600", "Cisco 1600 platform",
        "C1700", "Cisco 1700 platform",
        "C1700_EM", "Cisco 1700 VPN module hardware accelerator for IP security",
        "C1800", "Cisco 1800 platform",
        "C1800_HW_CRYPTO", "Cisco 1800, Cisco 1810 Motorola SEC 2.0",
        "C2400_DSX1", "Cisco 2400 DSX1 subsystem",
        "C2600", "Cisco 2600 platform",
        "C2600_MAINBOARD_ASYNC_PQUICC", "MPC860 quad integrated communications controller for the Cisco 2600 platform",
        "C2950", "Catalyst 2950 series switch",
        "C29ATM", "Catalyst 2900XL ATM module",
        "C2KATM", "Catalyst 2820 ATM module",
        "C3200_FE", "Cisco 3200 FEC",
        "C3600", "Cisco 3600 platform",
        "C3800", "Cisco 3800 platform",
        "C3800_ENVM", "Environmental",
        "C3825", "Cisco 3825 platform",
        "C4GWY_DSPRM", "DSP Resource Manager",
        "C4K", "Catalyst 4000 platform",
        "C542", "Voice driver for modular access routers",
        "C5421", "Voice over IP",
        "C54x", "VoIP DSP driver",
        "C54X", "VoIP driver",
        "C5510", "Voice Over IP (VoIP) driver",
        "C5RSP", "Cisco Catalyst 5000 platform",
        "C6KENV", "Cisco Catalyst 6500 environmental system",
        "C6K_MWAM_CENTRALIZED_CONFIG", "Multiprocessor WAN Application Module (MWAM) centralized configuration",
        "C6KPWR", "Cisco Catalyst 6500 power control system",
        "C6MSFC", "C6MSFC (Draco)",
        "C6SUP", "C6SUP-specific",
        "C7200", "Cisco 7200 platform - deleted for 12.2",
        "C7200_TDM", "Cisco 7200 midplane TDM bus",
        "C7600_RSP", "Cisco 7600 Route Switch Processor",
        "C7600_SIP200", "SPA Interface Processor 200",
        "C7600_SIP200_MP", "Cisco 7600, Catalyst 6500 SIP-200 Multiprocessing",
        "C7600_SIP200_SPIRX", "Cisco 7600, Catalyst 6500 SIP-200 SPI4.2 bus ingress interface",
        "C7600_SIP200_SPITX", "Cisco 7600, Catalyst 6500 SIP-200 SPI4.2 bus egress interface",
        "C7600_SSC600", "Services SPA Carrier Card (SSC600)",
        "C830_HW_CRYPTO", "C830 Hifn",
        "C870_FE", "Cisco 870 Fast Ethernet",
        "C870_HW_CRYPTO", "Cisco 850, Cisco 870 Motorola SEC 1.0",
        "C950", "Cisco 950",
        "CAIM", "Compression Advanced Interface Module (CAIM)",
        "CALL_CONTROL", "Call control",
        "CALL_HOME", "Call Home",
        "CALL_MGMT", "Call management subsystem",
        "CALLPROG", "Call progress notification subsystem",
        "CALLRECORD", "Modem Call Record",
        "CALLTREAT", "Call treatment",
        "CALLTREAT_NOSIGNAL", "Call Treatment (TREAT)",
        "CALLTRKR", "Call Tracker subsystem",
        "CAMP", "Cooperative Asymmetric Multiprocessing",
        "CAPI", "Card API",
        "CAPI_EC", "Card or EtherChannel limitation",
        "CARDMGR", "SIP-400 Card Manager (data plane)",
        "CARRIER", "DFC carrier",
        "CASA", "Cisco Appliance and Services Architecture (CASA)",
        "CBUS", "CiscoBus controller",
        "CBUS_ATTN", "CMCC CIP for Cisco bus controller statistics routine",
        "CBUS_WRITE", "CMCC CIP for Cisco bus controller write support",
        "CCA", "CMCC CIP for channel card adapter",
        "CCH323", "Call Control for H.323",
        "CCPROXY", "H.323 proxy",
        "CDM", "Cable Data Modem subsystem",
        "CDMA_PDSN", "CDMA PDSN",
        "CDNLD_CLIENT", "Client NRP2 configuration download",
        "CDNLD_SERVER", "Server NSP configuration download",
        "CDP", "Cisco Discovery Protocol (CDP)",
        "CDSX_MODULE", "Network module",
        "CE3", "CE3 port adapter (CE3)",
        "CEIPNM", "Circuit Emulation over IP Network Module",
        "CERF", "Cache Error Recovery Function (CERF)",
        "CES", "Circuit Emulation Service (CES)",
        "CES_CLIENT", "Client circuit emulation service (CESt",
        "CES_CONN", "TDM connection",
        "CFG", "Invalid Cisco 1840 configuration",
        "CFGMGR", "Configuration Manager",
        "CFIB", "Constellation FIB",
        "CFM", "Connectivity Fault Management",
        "CHANNEL_BANK", "Channel Bank",
        "CHARLOTTE", "Dual OC-3 PoS port adapter",
        "CHKPT", "Checkpoint facility",
        "CHOC12", "CHOC12 port adapter",
        "CHOPIN", "Versatile Interface Processor (VIP) Multi-channel Port Adapter",
        "CHOPIN_MAINBOARD_ASYNC_PQII", "Chopin Main Board Asynchronous driver",
        "CHSTM1", "CHSTM1",
        "CI", "Cisco 7500 platform chassis interface",
        "CIOS", "CMCC channel adapter Cisco IOS wrapper",
        "CIP and CIP2", "Channel Interface Processor (CIP) and enhanced CIP",
        "CIPDUMP", "CIP core dump",
        "CIRRUS", "CD2430 asynchronous controller",
        "CIRRUS_PM", "Slow-speed asynchronous/synchronous port module",
        "CLAW", "CMCC CIP for Common Link Access for Workstations (CLAW) facility_full",
        "CLEAR", "Clear facility",
        "CLIENT_CLOCK_SYNC", "Clock synchronization server",
        "CLNS", "OSI Connectionless Network Service",
        "CLOCK", "Clock and calendar",
        "CLOCKSW", "Cisco 6400 network clocking",
        "CLS", "Cisco link services (CNS)",
        "CLSDR", "Cisco link services (CNS) driver",
        "CM622_CM155", "ATM OC12 and QOC3 line card driver",
        "CMAPP", "Call Manager application",
        "CMBPKM", "Multimedia Cable Network System Partners, Ltd. (MNCNS), baseline privacy key management",
        "CMCC", "Cisco Mainframe Channel Connection (CMCC)",
        "CM_DSPRM", "Digital Signal Processor Resource Manager (DSPRM)",
        "CM_MONITOR", "UBR900 Cable Access Router Personal Monitor",
        "CMP", "Cluster Membership Protocol",
        "CMPCTG", "CMCC Logical Link Control Transmission Group",
        "CNS", "Cisco Networking Services (CNS)",
        "CNS_AGENT_CFGCHG", "Cisco Network Service (CNS) Configuration Change Agent",
        "CNSAD_IPSEC_AGENT", "Cisco Network Service (CNS)/AD IPsec Agent",
        "CNSES", "Cisco Network Services Event Service client",
        "COBALT", "COBALT",
        "COMMON_FIB", "CEF address family independent (FIB)",
        "COMP", "Point-to-point compression",
        "CONFIG", "CMCC Channel Interface Processor (CIP) messages for the configuration processing facility",
        "CONST_BOOT", "Constellation boot",
        "CONST_DIAG", "On-line diagnostics",
        "CONST_V6", "IP version 6",
        "CONTROLLER", "Controller",
        "COPTMONMIB", "Cisco Optical Monitoring MIB",
        "COT", "Continuity test (COT)",
        "COUGAR_EHSA", "Pulse amplitude modulation (PAM) port driver",
        "CP", "Control plane protection notification",
        "CPAD", "Compression service adapter (CSA)",
        "CPE_MMI", "Customer Premises Equipment Modem Management Interface",
        "CPM", "Combo Port Module (CPM) device driver",
        "CPOS", "Packet-over-SONET",
        "CPU_INTF_FPGA", "CPU Interface FPGA",
        "CPU_MONITOR", "CPU monitor",
        "CRYPTO", "Encryption",
        "CRYPTO_HA", "Crypto High Availability",
        "CRYPTO_HA_IKE", "Crypto High Availability",
        "CRYPTO_HA_IPSEC", "Crypto High Availability",
        "CSG", "Content Services Gateway",
        "CSM", "Call switching module",
        "CSM_TGRM", "CSM TGRM interaction",
        "CSM_TRUNK", "Call switching trunk manager",
        "CSM_VOICE", "Call switching mode (CSM) voice subsystem",
        "CT3", "Channelized T3 (CT3) port adapter",
        "CTA", "CMCC CIP for the channel transport architecture device task/mapper",
        "CTLPROVIDERSERV", "CTL provider service",
        "CTRC", "Cisco Transaction Connection",
        "CWAN_ALARM", "Constellation WAN alarm",
        "CWAN_ATM", "Constellation WAN ATM",
        "CWAN_HA", "WAN module High Availability",
        "CWAN_QINQ", "Constellation CWAN-QINQ linecard",
        "CWAN_RP", "Constellation WAN ATM Route Processor driver",
        "CWAN_SP", "Constellation WAN ATM Switch Processor driver",
        "CWAN_SPA", "Shared Port Adapter on OSR",
        "CWANLC", "Constellation WAN line card",
        "CWANLC_ATM", "Constellation WAN ATM Route Processor driver",
        "CWAN_POSEIDON", "Optical Services Module (OSM) GE-WAN Route Processor (RP) driver",
        "CWPA", "Route Processor for Constellation Supervisor router module",
        "CWPABRIDGE", "CWPA bridging",
        "CWRMP", "Wireless radio point-to-multipoint driver",
        "CWRPSPA", "Shared Port Adapter on OSR RP",
        "CWRSU", "Wireless radio point-to-multipoint subscriber unit (SU)",
        "CWRTEST", "Wireless radio point-to-multipoint test driver",
        "CWSLC", "Constellation WAN SiByte module",
        "CWTLC", "Constellation Supervisor router module line card",
        "CWTLC_ATM", "ATM line card for Constellation Supervisor router module",
        "CWTLC_ATOM", "Constellation WAN Toaster linecard - AToM",
        "CWTLC_CHOC", "Cyclops Channelized OC48/OC12-related",
        "CWTLC_CHOC_DSX", "Optical Services Module (OSM) CHOC DSX LC common",
        "CWTLC_CHOCX", "Optical Services Module (OSM) Channelized OC12/OC3 Module",
        "CWTLC_GEWAN", "Gigabit Ethernet WAN Module",
        "CWTLC_QOS", "Optical Services Module (OSM) Supervisor line card QoS",
        "CWTLC_RP", "Catalyst 6500 Series Switch and Cisco 7600 Series Router WAN Toaster-based Module Route Processor",
        "DAS_ENV", "RSC environmental monitor subsystem",
        "DBCONN", "Database Connection",
        "DBUS", "Data bus",
        "DCU", "ATM access concentrator PCI port adapter",
        "DEBUGGER", "Debug mode",
        "DEC21140", "DEC21140 Fast Ethernet controller",
        "DFC", "Dial feature card",
        "DFC_CARRIER", "Dial feature card carrier",
        "DFP", "Dynamic Feedback Protocol",
        "DHCP", "Dynamic Host Configuration Protocol",
        "DHCP_SNOOPING", "DHCP snooping",
        "DHCPD", "Dynamic Host Configuration Protocol (DHCP) server",
        "DHCPV6C", "DHCPv6 client",
        "DHCPV6S", "DHCPv6 server",
        "DIAG", "CMCC CIP for diagnostic testing",
        "DIALER", "Dial-on-demand routing",
        "DIALPEER_DB", "Dial peer configuration",
        "DIALSHELF", "Dial shelf",
        "DIRECTOR", "Director server",
        "DISKMIRROR", "NSP disk mirror",
        "DLC", "Data-link control",
        "DLSWC", "Data-link switching (DLSw)",
        "DLSWMasterSlave", "Data-link switching (DLSw) core",
        "DLSWP", "Data-link switching (DLSw) peer module",
        "DM", "Diagnostic Monitor or Dispatch Manager",
        "DMA", "Direct memory access",
        "DMTDSL", "Digital/discrete multitone digital subscriber line (DMTDSL)",
        "DNET", "DECnet",
        "DNLD", "Auto-config/download",
        "DNSSERVER", "Domain Name System (DNS) server",
        "DOSFS", "DOS file system",
        "DOS_TRACK", "IP source tracker",
        "DOT11", "802.11 subsystem",
        "DOT1Q", "802.1q",
        "DOT1X", "802.1X authorization",
        "DOT1X_MOD", "Messages encountered in platform dependent code for 802.1x",
        "DP83815", "DP83815 10/100 Mbps Integrated PCI Ethernet Media Access Controller",
        "DPM", "AS5200 T1 BRIMUX",
        "DRIP", "Duplicate Ring Protocol",
        "DRP", "Director Response Protocol",
        "DRVGRP", "Interface driver",
        "DS3E3SUNI", "DS3E3SUNI driver",
        "DS_MODEM", "FB modem card",
        "DS_TDM", "Dial shelf time-division multiplexing",
        "DS1337", "DS1337 RTC",
        "DSA", "Delayed stop accounting",
        "DSC", "Dial shelf controller (DSC)",
        "DSC_ENV", "Cisco AS5800 environment monitor",
        "DSC_REDUNDANCY", "Cisco AS5800 dial shelf controller (DSC) redundancy",
        "DSCC4", "DSCC4 driver",
        "DSCCLOCK", "Dial shelf controller (DSC) clock",
        "DSCEXTCLK", "Dial shelf controller (DSC) clock",
        "DSCREDCLK", "Dial shelf controller (DSC) redundancy clock",
        "DSI", "Cisco AS5800 dial shelf interconnect board",
        "DSIP", "Distributed system interconnect protocol",
        "DSIP_IOSDIAG", "DSIP diagnostic test",
        "DSIPPF", "Nitro Interconnect Protocol",
        "DSLSAR", "DSL segmentation and reassembly",
        "DSM", "DSP Stream Manager",
        "DSMP", "DSP Stream Manager",
        "DSP_CONN", "TDM connection",
        "DSPDD", "Digital Signal Processor Device Driver (DSPDD)",
        "DSPDUMP", "Digital Signal Processor crash dump facility",
        "DSPFARM", "DSP resource management",
        "DSPRM", "Digital Signal Processor Device Driver (DSPDD)",
        "DSPU", "Downstream physical unit",
        "DSX0", "CT1 RBS time slot status",
        "DSX1", "Channelized E1 (Europe) and T1(US) telephony standard",
        "DS_TDM", "Dial shelf time-division multiplexing (TDM)",
        "DSXPNM", "TE3 network module",
        "DTP", "Dynamic Trunking Protocol filtering",
        "DUAL", "Enhanced Interior Gateway Routing Protocol",
        "DVMRP", "Distance Vector Multicast Routing Protocol",
        "E1T1_MODULE", "E1T1 module",
        "EAP", "Extensible Authentication Protocol",
        "EARL", "Enhanced Address Recognition Logic",
        "EARL_ACL_FPGA", "Enhanced Address Recognition Logic ACL FPGA",
        "EARL_DRV_API", "EARL driver API",
        "EARL_L2_ASIC", "Enhanced Address Recognition Logic Layer 2 ASIC",
        "EARL_L3_ASIC", "Enhanced Address Recognition Logic Layer 3 ASIC",
        "EARL_NETFLOW", "Enhanced Address Recognition Logic NetFlow",
        "EC", "EtherChannel, Link Aggregation Control Protocol (LACP), and Port Aggregation Protocol (PAGP)",
        "ECC", "Single bit errors in ECC",
        "ECPA and ECPA4", "Escon Channel Port Adapter and enhanced Escon Channel Port Adapter",
        "EGP", "Exterior Gateway Protocol",
        "EHSA", "Cisco 6400 Enhanced High System Availability (EHSA)",
        "EM", "Event Manager",
        "EM_FPGA", "Cisco 1840 FPGA encryption, decryption and hash message authentication codes (HMAC) for IP Security (IPSec)",
        "ENSP", "Enhanced Network Services Provider (ENSP)",
        "ENT_API", "Entity MIB API",
        "ENT_ALARM", "Entity alarm",
        "ENTITY_ALARM", "Entity alarm",
        "ENVM", "Environmental monitor",
        "ENV_MON", "Cisco 12000 environmental monitor",
        "ENVM", "Environmental monitor",
        "EOBC", "Ethernet out-of-band channel",
        "EOS", "Eos ASIC",
        "EOU", "Extensible Authentication Protocol (EAP) over User Datagram Protocol (UDP)",
        "EPAD", "Encryption port adapter driver (EPAD)",
        "EPLD", "EPLD",
        "EPLD_STATUS_OPEN", "EPLD Programming Status File Data Processing",
        "EPAMCM", "Ethernet Port Adapter Module Configuration Manager",
        "EPIF_PORT", "MMC Networks Ethernet Port L3 Processor Port",
        "ESCON", "Enterprise Systems Connection",
        "ESF_CRASHINFO", "Extended SuperFrame crashinfo",
        "ESF_DRIVER", "SIP-400 ESF driver",
        "ESF_IPC", "IPX2800 IPC",
        "ESWILP_CFG", "Ethernet switch module configuration",
        "ESWILP_FLTMG", "ESWILP fault management",
        "ESWITCH", "Ethernet switch port adapter",
        "ESWMOD", "Ethernet switch module",
        "ESWMRVL_FLTMG", "Ethernet switch fault management",
        "ESW_STORM_CONTROL", "Storm control",
        "ESW_WIC_FLTMG", "Ethernet Switch WIC fault management",
        "ET2_MODULE", "Ernest-T2 network module",
        "ETHERNET", "Ethernet for the C1000 series",
        "EVENT", "Event MIB",
        "EVENT_TRACE", "Event trace subsystem",
        "EXFREE", "External memory manager",
        "EXPRESSION", "Expression MIB",
        "FABRIC", "Fabric Interface ASIC (FIA)",
        "FALLBACK", "Voice over IP (VoIP) fallback",
        "FAN", "Fan",
        "FARM_DSPRM", "Farm DSPRM",
        "FASTBLK", "Fast Block",
        "FB", "Cisco AS5800 feature board",
        "FB_COREDUMP", "Feature board core dump",
        "FBINFO", "Cisco AS5800 feature board crash information subsystem",
        "FCIP", "FCIP driver",
        "FCL", "Forward Control Layer (FCL)",
        "FDDI", "Fiber Distributed Data Interface (FDDI)",
        "FDM", "Firewall Service Module (FWSM) Device Manager",
        "FDM_HA", "High availability FWSM Device Manager",
        "FECPM", "Fast Ethernet (FE) Combination Port Module (CPM) device driver",
        "FESMIC_FLTMG", "FESMIC fault management-related",
        "FF", "FF module-specific",
        "FIB", "Forwarding Information Base",
        "FIB_HM", "FIB health monitor",
        "FIB_HM_MVL", "Platform dependent, FIB Health Monitor",
        "FILESYS", "File system",
        "FIO_TDM", "Messages related to the Cisco 3700XM TDM device",
        "FLASH", "Flash nonvolatile memory",
        "FLEX_DNLD", "Voice Over IP (VoIP) driver",
        "FLEXDSPRM", "Flex DSPRM operation",
        "FM", "Feature Manager (FM)",
        "FM", "Forwarding Manager (FM)",
        "FMCORE", "Core Feature Manager",
        "FM_EARL6", "EARL 6 Feature Manager",
        "FM_EARL7", "EARL 7 Feature Manager",
        "FPD_MGMT", "FPD Management Subsystem",
        "FPGA", "LS1010 chip-specific",
        "FR", "Frame Relay",
        "FR_ADJ", "Frame Relay Adjacency",
        "FR_ELMI", "Frame Relay enhanced Local Management Interface",
        "FR_FRAG", "Frame Relay Fragmentation",
        "FR_LMI", "Frame Relay Local Management Interface",
        "FR_RP", "Frame Relay RP",
        "FR_VCB", "Frame Relay VC bundle",
        "FRATM", "Frame Relay ATM",
        "FREEDM", "CT3 trunk card Freedm",
        "FS_IPHC", "Fast IP Header Compression",
        "FTC_TRUNK", "Cisco 3801 platform",
        "FTPSERVER", "FTP server processes",
        "FTSP", "Fax Telephony Service Provider subsystem",
        "FTTM", "Full Ternary TCAM Manager",
        "FW", "Inspection subsystem",
        "FW_HA", "Firewall High Availability",
        "FX1000", "FX1000 Gigabit Ethernet controller",
        "GBIC_SECURITY", "GBIC security check",
        "GBIC_SECURITY_CRYPT", "GBIC SECURITY serial EEPROM verification",
        "GBIC_SECURITY_UNIQUE", "GBIC security uniqueness verification",
        "GDOI", "Group Domain of Interpretation",
        "GE", "Gigabit Ethernet subsystem",
        "GENERAL", "Zenith route processor",
        "GET_DATA", "CMCC CIP for allocating transfer elements",
        "GK", "GK-H.323 Gatekeeper",
        "GK_OSP", "H.323 Gatekeeper OSP",
        "GLBP", "Gateway Load Balancing Protocol",
        "GLCFR", "Internet router",
        "GPRSFLTMG", "Global Packet Radio Service fault management",
        "GPRSMIB", "Global Packet Radio Service MIB",
        "GRIP", "Xerox Network Systems (XNS) Routing Protocol",
        "GRP", "Gigabit Route Processor",
        "GRP_C10K_CH_DS3", "Cisco 10000 CH-DS3 RP driver",
        "GRP_OC12_CH_DS3", "Gigabit Route Processor (GRP) driver",
        "GRPGE", "Gigabit Ethernet Route Processor (RP)",
        "GRPPOS", "POS Route Processor",
        "GSHDSL", "G.Symetric High DSL",
        "GSI", "G.Symetric high bit rate DSL",
        "GSR_ENV", "Internet router environment monitor",
        "GSRIPC", "Internet router IPC service routines",
        "GT64010", "GT64010 DMA controller driver",
        "GT64011", "GT64011 DMA controller driver",
        "GT64120", "GT64120 DMA controller driver",
        "GT96K_FE", "Cisco 3700 series and Cisco 3631 systems controller",
        "GT96K_FEWAN", "Cisco 3700 series and Cisco 3631 systems controller for WAN",
        "GT96K_TDM", "Cisco 37xx, Cisco 2691, and Cisco 3631 TDM subsystem",
        "GTP", "GPRS Tunnel Protocol",
        "GUIDO", "GUIDO network module",
        "HA", "High availability system",
        "HA_CLIENT", "High availability client",
        "HA_EM", "Embedded Event Manager",
        "HA_IFINDEX", "High Availability system",
        "HAL", "Halcyon",
        "HARDWARE", "Hardware resources",
        "HA_WD", "High Availability system",
        "HAWKEYE", "Token Ring PCI port adapter",
        "HD", "HD64570 serial controller",
        "HDLC", "High-Level Data Link Control",
        "HDLC32", "PAS HDLC32",
        "HDV", "High Density Voice (HDV) driver",
        "HDV2", "HDV2 network module",
        "HDX", "Half-duplex (HDX) finite state machines (FSM)",
        "HEALTH_MONITOR", "Health Monitor",
        "HEARTBEAT", "Heartbeat",
        "HHM", "Cisco AS5400 health monitor",
        "HIFN79XX", "Hifn 79xx",
        "HLFM", "Forwarding Manager",
        "HMM_ASYNC", "Hex modem network module asynchronous driver",
        "HOOD", "LAN controller 100VG-AnyLAN interface",
        "HP100VG", "100VG-AnyLAN port adapter driver",
        "HPI", "Host Port Interface",
        "HSRP", "Hot Standby Router Protocol (HSRP)",
        "HTSP", "Analog voice hardware adaptation layer software",
        "HTTP", "Hypertext Transfer Protocol (HTTP)",
        "HTTPC", "HTTP client",
        "HUB", "Cisco Ethernet hub",
        "HW", "Hardware",
        "HW_API", "Hardware API",
        "HW_VPN", "Encryption Advanced Interface Module (EAIM)",
        "HWECAN", "HWECAN echo canceller",
        "HWIC_1GE_SFP", "Gigabit Ethernet High-speed WAN Interface Card (HWIC)",
        "HWIC_ADSL", "HWIC ADSL",
        "HWIC_ADSL_BRI", "HWIC ADSL/BRI",
        "HWIC_BRI", "HWIC BRI",
        "HWIC_HOST", "High-speed WAN Interface Card (HWIC) Host Driver Library",
        "HWIC_SERIAL", "High-speed WAN Interface Card (HWIC) Serial Device Driver",
        "HWIF_QOS", "HWIF QoS",
        "HYPERION", "Hyperion ASIC",
        "I82541", "Intel 82541 Ethernet/Fast Ethernet/Gigabit Ethernet controller",
        "I82543", "Intel 82543 Ethernet/Fast Ethernet/Gigabit Ethernet controller",
        "I82544", "I82544 Fast Ethernet controller",
        "I82559FE", "Intel 82559 Fast Ethernet controller",
        "IAD2420_VOICEPORT", "IAD2420 Voice Port",
        "IBM2692", "IBM Token Ring chipset",
        "ICC", "Inter-Card Communication",
        "IDBINDEX_SYNC", "Interface Descriptor Block (IDB) index synchronization",
        "IDBMAN", "Interface description block manager",
        "IDCONF", "Intrusion Detection Configuration",
        "IDMGR", "ID manager",
        "IDNLD", "NSP IDNLD",
        "IDS", "IP datagram subsystem (IDS)",
        "IDTATM25", "IDT ATM25 network module",
        "IEDGE", "Intelligent Services Gateway (ISG)",
        "IF", "Interface",
        "IFINDEX", "SNMP IF_MIB persistence",
        "IFMGR", "Interface Manager",
        "IFS", "Cisco IOS file system",
        "IGRP", "Interior Gateway Routing Protocol",
        "ILACC", "ILACC driver",
        "ILPM_FAULT", "Inline Power Management (ILPM)-related",
        "ILPOWER", "Inline power",
        "IMA", "Inverse multiplexing over ATM (IMA)",
        "IMAGEMGR", "Image manager",
        "IMAGE_SIMFS", "In-Memory System Image File System",
        "IMAGE_VFS", "Image Virtual File System",
        "INBAND", "Inband management",
        "INDXOBJ", "Index object",
        "INSTANCE_LOG", "Instance log",
        "INT", "CIP for the interrupt handler interface",
        "INTERFACE_API", "Binary API for the interface descriptor block",
        "INTR_MGR", "Interrupt manager",
        "IOCARD", "I/O card-specific",
        "IOS_RESILIENCE", "Cisco IOS software image and configuration resilience",
        "IP", "Internet Protocol",
        "IP_DEVICE_TRACKING", "Switch IP Host Tracking",
        "IP_DEVICE_TRACKING_HA", "Switch IP Host Tracking HA",
        "IPA", "Intelligent port adapter",
        "IPACCESS", "IP security",
        "IPC", "Interprocess communication",
        "IPC_DRVR", "CMCC interprocess communication driver",
        "IPCGRP", "Route Processor (RP) interprocess communication (IPC)",
        "IPCOIR", "IPC Online Insertion and Removal (OIR)",
        "IPC_RPM", "Interprocess communication (IPC)",
        "IPC_RSP_CBUS", "Interprocess communication ciscoBus (CBUS)",
        "IPC_URM", "Interprocess communication universal router module",
        "IPCLC", "Internet router line card interprocess communication",
        "IPDCAPP", "Internet Protocol Device Control application",
        "IPFAST", "IP fast switching",
        "IPFLOW", "IP flow",
        "IPM_C54X", "Voice over IP (VoIP) driver",
        "IPM_DSPRM", "Digital Signal Processor (DSP) Resource Manager",
        "IPM_NV_EEPROM", "Integrated port module NVRAM driver",
        "IPMCAST", "Cisco 12000 series Internet router line card IP multicast",
        "IPMCAST_LIB", "IP Multicast library",
        "IPMOBILE", "IP Mobility",
        "IPNAT", "IP Network Address Translation",
        "IPP", "CMCC encryption feature",
        "IPPHONE", "IP Phone register/unregister",
        "IPRT", "IP routing",
        "IPS", "Intrusion prevention system",
        "IPSECV6", "Encryption feature",
        "IP_SNMP", "Simple Network Management Protocol specific to IP",
        "IPV6", "IP version 6",
        "IPV6FIB", "IP version 6 forwarding-based on destination IP addresses",
        "IPV6_FW", "IPv6 Inspection subsystem",
        "IPV6_VFR", "IPv6 virtual fragment reassembly subsystem",
        "IPV6_VRF", "VRF common",
        "IP_VFR", "IP Virtual Fragment Reassembly (VFR) subsystem",
        "IP_VRF", "IP VPN routing/forwarding instance common",
        "IPX", "Novell Internetwork Packet Exchange Protocol (IPX)",
        "IRECAGENTSERVER", "IREC agent server",
        "IRONBUS", "Iron bus",
        "ISA", "Integrated Services Adapter (ISA)",
        "ISDN", "Integrated Services Digital Network (ISDN)",
        "ISRHOG", "Interrupt Service Routine Hog",
        "ISSU", "In Service Software Upgrade",
        "ISSU_CS", "ISSU configuration synchronization",
        "IUA", "ISDN User Adaptation Layer",
        "IVR", "Interactive Voice Response (IVR)",
        "IVR_MSB", "Media Stream module",
        "IVR_NOSIGNALING", "Interactive Voice Response (IVR) system messages not related to call signaling",
        "IXP1200_CP", "One port Fast Ethernet with coprocessor assist",
        "IXP_MAP", "ESF Network Processor Client Mapper",
        "JAGGER", "Constellation WAN line card",
        "JETFIRE_SM", "NAM Sensor network module",
        "KERBEROS", "Voice over IP (VoIP) for Cisco AS5800",
        "KEYMAN", "Keystring encryption",
        "KINEPAK", "Voice over IP (VoIP) for Cisco AS5800",
        "L2", "Layer 2",
        "L2_AGING", "Layer 2 aging",
        "L2_APPL", "Layer 2 application",
        "L2_ASIC", "Layer 2 forwarding engine",
        "L2CAC", "Layer 2 CAC",
        "L2HW_CM", "Layer 2 hardware connection manager",
        "L2R", "L2RLY",
        "L3_ASIC", "Layer 3 CEF engine",
        "L3MM", "Layer 3 Mobility Manager",
        "L3_MGR", "Layer 3 manager",
        "L3TCAM", "Layer 3 TCAM manager",
        "LANCE", "Local Area Network Controller Ethernet",
        "LANE", "LAN Emulation",
        "LANMGR", "IBM LAN Network Manager",
        "LAPB", "X.25 Link Access Procedure, Balanced",
        "LAPP_OFF", "Fax offramp calls",
        "LAPP_ON_MSGS", "Fax onramp calls",
        "LAT", "DEC local-area transport",
        "LC", "Line card",
        "LC_10G", "Hamptons 10G trunk card",
        "LC_2P5G", "Hamptons 2.6G trunk card",
        "LCB", "Line Control Block (LCB) event process",
        "LCCEF", "ATM Cisco Express Forwarding (CEF) adjacency",
        "LCCOREDUMP", "Line card core dump subsystems",
        "LCFE", "Fast Ethernet line card (LC) driver",
        "LCGE", "Gigabit Ethernet line card (LC) driver",
        "LCINFO", "Line card crash information subsystem",
        "LCLOG", "Internet router line card logger subsystem",
        "LCMDC", "ONS 15540 Extended Services Platform",
        "LCOC12_CH_DS3", "Internet router OC-12-channelized-to-D3 line card",
        "LCPLIM", "Line card physical layer interface module",
        "LCPOS", "Packet over SONET (POS) line card driver",
        "LCR", "Line card registry",
        "LCRED", "LC and Port redundancy",
        "LDP", "Label Distribution Protocol (LDP)",
        "LES_FDDI", "LAN Emulation Server/Fiber Distributed Data Interface",
        "LEX", "LAN extension",
        "LFD", "Label Forwarding Database",
        "LFD", "MFI Label Switching Database (LFD)",
        "LIBT2F", "Text to fax library",
        "LIBTIFF", "Tagged Image File Format (TIFF) library",
        "LINECARD", "Node Route Processor (NRP) line card",
        "LINEPROTO", "Line Protocol",
        "LINK", "Data link",
        "LLC", "Logical Link Control (LLC), type 2",
        "LLDP", "Link Layer Discovery Protocol",
        "LLIST", "Linked list facility",
        "LNM", "Link noise monitor for the E1T1 module",
        "LNMC", "LAN network manager",
        "LOADER", "CIP for relocating loader facility",
        "LOGIN", "Login",
        "LOVE", "Statistics from the CIP to the router",
        "LPD", "Line printer daemon",
        "LRE", "Long Reach Ethernet for the Catalyst 2950 switch",
        "LSD", "MPLS Forwarding Infrastructure (MFI) Label Switching Database",
        "LSPV", "MPLS Label-Switched Path Verification",
        "LSS", "LS switching message definition",
        "M32X", "M32X Basic Rate Interface trunk card",
        "MAC_LIMIT", "MAC address table entries",
        "MAC_MOVE", "Host activity",
        "MAILBOX", "ChipCom mailbox support",
        "MARS_NETCLK", "Network clock system",
        "MARVEL_HM", "Platform-dependent health monitor rules",
        "MASTER_LED", "Master LED",
        "MBRI", "Multi-BRI port modules",
        "MBUF", "CMCC memory buffer",
        "MBUS", "CMCC maintenance bus (MBus)",
        "MBUS_SYS", "Maintenance bus (MBus) system",
        "MC3810_DSX1", "MC3810 DSX1 subsystem",
        "MCAST", "Layer 2 multicast",
        "MCT1E1", "CT1/CE1 shared port adapter",
        "MCX", "Voice port adapter",
        "MDEBUG", "Memory debug",
        "MDR_SM", "Minimum Disruption Restart State Machine",
        "MDS", "Multicast distributed switching",
        "MDT", "PIM MDT",
        "MDX", " ",
        "MEM_ECC", "Memory write parity errors detected by ECC control",
        "MEM_HM", "Memory health monitor",
        "MEMD", "CMCC CIP related to the memory device facility",
        "MEM_MGR", "Memory management",
        "MEMPOOL", "Enhanced Memory pool MIB",
        "MEMSCAN", "Memory scan",
        "METOPT", "ONS 15540 Extended Services Platform",
        "METS", "Memory-leak analysis",
        "MFI", "MPLS Forwarding Infrastructure",
        "MFIB", "Multicast Forwarding Information Base",
        "MFIB_CONST_LC", "MFIB-Constellation platform",
        "MFIB_CONST_RP", "MFIB Constellation information",
        "MFIB_STATS", "MFIB statistics",
        "MGCP", "Media Gateway Control Protocol (MGCP)",
        "MGCP_APP", "Media Gateway Control Protocol (MGCP) application-specific",
        "MGCP_RF", "Media Gateway Control Protocol (MGCP) High Availability",
        "MHA", "Marvel high availability",
        "MHA_LINE", "Marvel high availability line",
        "MHA_MODE", "Marvel high availability",
        "MHA_RF", "Marvel high availability redundancy feature",
        "MIC", "Port adapter",
        "MICA", "Modem ISDN Channel Aggregation (MICA)",
        "MIF68840", "PCI MC68840 FDDI port adapter",
        "MIMIC", "MCOM integrated modem network modules",
        "MIPC", "Marvel IPC",
        "MISA", "Multiple Crypto Engine subsystem",
        "MISTRAL", "Mistral ASIC",
        "MK5", "MK5025 serial controller",
        "MLD_PROT", "Multicast Listener Discovery",
        "MLOAD", "Module Loader",
        "MLS_ACL_COMMON", "Multilayer switching ACL",
        "MLS_RATE", "Multilayer Switching Rate Limit",
        "MLSCEF", "Multilayer Switching Cisco Express Forwarding",
        "MLSM", "Multilayer Switching Multicast",
        "MMLS", "Multicast Multilayer Switching",
        "MMLS_RATE", "Multicast Multilayer Switching Rate Limit",
        "MMODEM", "Integrated modem network module",
        "MODEM", "Router shelf modem management",
        "MODEM_HIST", "Router shelf modem history and tracing",
        "MODEM_NV", "Modem NVRAM",
        "MODEM_CALLREC", "Modem call record",
        "MODEMCALLRECORD", "Modem Call Record",
        "MOHAWK_SM", "IDS sensor network module",
        "MONITOR", "Cisco IOS software ROM monitor",
        "MOTCR", "Hardware accelerator for IPSec",
        "MPA68360", "VIP Multi-channel Port Adapter",
        "MPC", "Multipath Channel Protocol",
        "MPF", "Multi-Processor Forwarding (MPF)",
        "MPLS", "Multiprotocol Label Switching",
        "MPLS_ATM_TRANS", "ATM Transport over MPLS",
        "MPLS_PACKET", "MPLS packet",
        "MPLS_TE", "Label Switch Path (LSP) tunnel",
        "MPLS_TE_PCALC", "MPLS TE path calculation facility",
        "MPOA", "Multiprotocol over ATM (MPOA)",
        "MPLSOAM", "MPLS management",
        "MRIB", "Multicast Routing Information Base",
        "MRIB_API", "MRIB client API",
        "MRIB_PROXY", "MRIB proxy",
        "MROUTE", "Multicast route",
        "MSACDSPRM", "Media Conferencing DSP Resource Manager",
        "MSC100_SPA_CC", "Cisco 7304 SPA carrier card",
        "MSDP", "Multicast Source Discovery Protocol",
        "MSDSPRM", "Media Services DSP Resource Manager",
        "MSFC2", "Multilayer Switch Feature Card 2",
        "MSFW", "Media Services DSP Firmware Manager",
        "MSG802", "CMCC CIP 802 for IEE 802.2cx LLC Protocol",
        "MSPI", "Mail Service Provider",
        "MTRIE", "Mtrie",
        "MUESLIX", "Mx serial application-specific integrated circuit (ASIC)",
        "MV64340_ETHERNET", "MV64340 Ethernet controller",
        "MVR_RP", "Multicast VLAN Registration (MVR) route processor",
        "MWAM", "Multiprocessor WAN Application Module (MWAM)",
        "MWAM_FILESYSTEM", "Multiprocessor WAN Application Module (MWAM) crashinfo and bootflash file system",
        "MWAM_FLASH", "Multiprocessor WAN Application Module (MWAM) flash memory",
        "MWAM_FUR", "Multiprocessor WAN Application Module (MWAM) FUR",
        "MWAM_NVRAM", "Multiprocessor WAN Application Module (MWAM) NVRAM",
        "MWAM_VRTC", "Multiprocessor WAN Application Module (MWAM) VTRC",
        "MWR1900_QOS_GENERAL", "MWR1900 Quality of Service (QoS)",
        "MWR1900_CFG_GENERAL", "MWR1900 PXF queuing configuration",
        "MWR1900_REDUNDANCY", "MWR1900 redundancy",
        "MXT_FREEDM", "8PRI/4T board",
        "NATMIB_HELPER", "NAT MIB helper",
        "NBAR", "Network-based application recognition (NBAR)",
        "NETFLOW_AGGREGATION", "NetFlow aggregation",
        "NETGX_CRYPTO", "NETGX CRYPTO hardware accelerator module for IPsec",
        "NET_SERV", "Networking Services",
        "NETWORK_CLOCK_SYNCHRONIZATION", "Network clock synchronization",
        "NETWORK_PORT_SATELLITE", "Network port satellite",
        "NETWORK_RF_API", "Network redundancy feature API",
        "NEVADA", "CMCC CIP interrupt controller",
        "NHRP", "Next Hop Resolution Protocol (NHRP)",
        "NIM", "Network interface module",
        "NM_8_16AM_V2_MODULE", "NM-8/16AM-V2 module",
        "NP", "NextPort (NP)",
        "NP_BS", "NextPort (NP) Bootstrap and Crash Monitor",
        "NP_CLIENT", "NextPort (NP) client",
        "NP_DDSM", "NextPort (NP) Digital Data Services Manager",
        "NP_DSPLIB", "NextPort (NP) DSPLIB",
        "NP_EST", "NextPort (NP) error, status, and trace",
        "NP_MD", "NextPort (NP) modem driver",
        "NP_MM", "NextPort (NP) module manager",
        "NP_SIGLIB", "NextPort (NP) signaling library",
        "NP_SPE_DS", "NextPort (NP) Dial Shelf Service Processing Element (SPE) Manager",
        "NP_SSM", "NextPort (NP) Session and Service Manager",
        "NP_UCODE", "NextPort (NP) microcode",
        "NP_VPD", "NextPort (NP) Voice Packet Driver",
        "NP_VSM", "NextPort (NP) Voice Service Manager",
        "NRP", "Network Routing Processor (NRP)",
        "NRP2", "Network Route Processor, type 2",
        "NRP2_NVMANAGE", "Network Route Processor, type 2 NVRAM management",
        "NRP2_SE64", "SE64 upper and lower layer device driver",
        "NRP2EHSA", "NRP2 EHSA",
        "NSE", "Network services engine",
        "NSE100", "Network services engine NSE100",
        "NSP", "Network Switch Processor (NSP)",
        "NSP_APS", "Cisco 6400 node switch processor (NSP)",
        "NSP_DISK", "NSP disk",
        "NSP_OIR", "Cisco 6400 online insertion and removal (OIR)",
        "NSPINT", "Network switch processor (NSP) interrupt infrastructure",
        "NTP", "Network Time Protocol (NTP)",
        "OBFL", "Onboard Failure Logging",
        "OCE", "Output chain elements",
        "ODM", "Online diagnostics manager",
        "OER_BR", "Optimized Edge Routing (OER) border router",
        "OER_MC", "Optimized Edge Routing (O

要回复问题请先登录注册