Configure System Logging

System logging operations use a syslog-like mechanism to record systemwide, high-level operations, such as interfaces' going up or down and users' logging into or out of the router.

To control system logging and how much information the system should log, include the syslog statement at the [edit system] hierarchy level:

 [edit system] 
 syslog { 
     archive { 
         files number;
         size size; 
         (world-readable | no-world-readable); 
     }
     file filename { 
         facility level;
         archive { 
             files number;
             size size; 
             (world-readable | no-world-readable); 
         }
     }
     host hostname { 
         facility level;
         facility-override facility;
         log-prefix string;
     }
     user (username | *) { 
         facility level;
     }
     console { 
         facility level;
     }
 }

You can log system logging information to one or more destinations. The destinations can be one or more files, one or more remote hosts, the terminals of one or more users if they are logged in, and the system console.

For each place where you can log system logging information, you specify the class (facility) of messages to log and the minimum severity level (level) of the message.

Table 10 lists the system logging facilities, and Table 11 lists the system logging severity levels.

Table 10: System Logging Facilities

Facility

Description

`any`

Any facility

`authorization`

Any authorization attempt

`change-log`

Any change to the configuration

`cron`

Cron daemon

`daemon`

Various system daemons

`interactive-commands`

Commands executed in the CLI

`kernel`

Messages generated by the JUNOS kernel

`user`

Messages from random user processes

Facility	Description
`any`	Any facility
`authorization`	Any authorization attempt
`change-log`	Any change to the configuration
`cron`	Cron daemon
`daemon`	Various system daemons
`interactive-commands`	Commands executed in the CLI
`kernel`	Messages generated by the JUNOS kernel
`user`	Messages from random user processes

Table 11: System Logging Severity Levels

Severity Level (from Highest to Lowest Severity)

Description

`emergency`

Panic or other conditions that cause the system to become unusable.

`alert`

Conditions that should be corrected immediately, such as a corrupted system database.

`critical`

Critical conditions, such as hard drive errors.

`error`

Standard error conditions.

`warning`

System warning messages.

`notice`

Conditions that are not error conditions, but that might warrant special handling.

`info`

Informational messages. This is the default.

`debug`

Software debugging messages.

Severity Level (from Highest to Lowest Severity)	Description
`emergency`	Panic or other conditions that cause the system to become unusable.
`alert`	Conditions that should be corrected immediately, such as a corrupted system database.
`critical`	Critical conditions, such as hard drive errors.
`error`	Standard error conditions.
`warning`	System warning messages.
`notice`	Conditions that are not error conditions, but that might warrant special handling.
`info`	Informational messages. This is the default.
`debug`	Software debugging messages.

A common set of operations to log is when users log into the router and when they issue CLI commands. To configure this type of logging, specify the interactive-commands facility and one of the following severity levels:

info—Log all top-level CLI commands, including the configure command, and all configuration mode commands.
notice—Log the configuration mode commands rollback and commit.
warning—Log when any software process restarts.

Another common operation to log is when users enter authentication information. To configure this type of logging, specify the authorization facility.

[Contents] [Prev] [Next] [Index]