Configuring System Log Messages with a Configuration Editor

This section contains the following topics:

Sending System Log Messages to a File

You can direct system log messages to a file on the CompactFlash card. The default directory for log files is /var/log. To specify a different directory on the CompactFlash card, include the complete pathname. For the list of logging facilities and severity levels, see Table 195 and Table 196.

For information about archiving log files, see Archiving System Logs.

The procedure provided in this section sends all security-related information to the sample file named security.

To send messages to a file:

  1. Navigate to the top of the configuration hierarchy in either the J-Web or CLI configuration editor.
  2. Perform the configuration tasks described in Table 198.
  3. If you are finished configuring the network, commit the configuration.

Table 198: Sending System Log Messages to a File

Task

J-Web Configuration Editor

CLI Configuration Editor

Navigate to the Syslog level in the configuration hierarchy.

  1. In the J-Web interface, select Configuration>View and Edit>Edit Configuration.
  2. Next to System, click Configure or Edit.
  3. Next to Syslog, click Configure or Edit.

From the [edit] hierarchy level, enter

edit system syslog

Create a file named security, and send log messages of the authorization class at the severity level info to the file.

  1. Next to File, click Add new entry.
  2. In the File name box, type security.
  3. Next to Contents, click Add new entry.
  4. In the Facility list, select authorization.
  5. In the Level list, select info.

Set the filename and the facility and severity level:

set file security authorization info

Sending System Log Messages to a User Terminal

To direct system log messages to the terminal session of one or more specific users (or all users) when they are logged into the local Routing Engine, specify one or more JUNOS usernames. Separate multiple values with spaces, or use the asterisk (*) to indicate all users who are logged into the local Routing Engine. For the list of logging facilities and severity levels, see Table 195 and Table 196.

The procedure provided in this section sends any critical messages to the terminal of the sample user frank, if he is logged in.

To send messages to a user terminal:

  1. Navigate to the top of the configuration hierarchy in either the J-Web or CLI configuration editor.
  2. Perform the configuration tasks described in Table 199.
  3. If you are finished configuring the network, commit the configuration.

Table 199: Sending Messages to a User Terminal

Task

J-Web Configuration Editor

CLI Configuration Editor

Navigate to the Syslog level in the configuration hierarchy.

  1. In the J-Web interface, select Configuration>View and Edit>Edit Configuration.
  2. Next to System, click Configure or Edit.
  3. Next to Syslog, click Configure or Edit.

From the [edit] hierarchy level, enter

edit system syslog

Send all critical messages to the user frank.

  1. Next to User, click Add new entry.
  2. In the User name box, type frank.
  3. Next to Contents, click Add new entry.
  4. In the Facility list, select any.
  5. In the Level list, select critical.

Set the filename and the facility and severity level:

set user frank any critical

Archiving System Logs

By default, the JUNOS logging utility stops writing messages to a log file when the file reaches 128 KB in size. It closes the file and adds a numerical suffix, then opens and directs messages to a new file with the original name. By default, the logging utility creates up to 10 files before it begins overwriting the contents of the oldest file. The logging utility by default also limits the users who can read log files to the root user and users who have the JUNOS maintenance permission.

To enable all users to read log files, include the world-readable statement at the [edit system syslog archive] hierarchy level. To restore the default permissions, include the no-world-readable statement. You can include the archive statement at the [edit system syslog file filename] hierarchy level to configure the number of files, file size, and permissions for the specified log file. For configuration details, see the information about archiving log files in the Junos System Basics Configuration Guide.

Disabling System Logs

To disable logging of the messages from a facility, use the facility none configuration statement. This statement is useful when, for example, you want to log messages of the same severity level from all but a few facilities. Instead of including a configuration statement for each facility you want to log, you can configure the any level statement and then a facility none statement for each facility you do not want to log. For configuration details, see the information about disabling logging in the Junos System Basics Configuration Guide.

Copyright© 1999-2010 Juniper Networks, Inc. All rights reserved.