System Management Configuration Statements
To configure system management, you can include the following statements in the configuration:
system {accounting {events [ login change-log interactive-commands ];destination {tacplus {server {server-address{secretpassword;single-connection;source-addresssource-address;timeoutseconds;port <port-number>;}}}}}archival {configuration { transfer-interval interval; transfer-on-commit; archive-sites { ftp://<username>:<password>@<host>:<port>/<url-path>; } }}authentication-order [authentication-methods];backup-routeraddress<destinationdestination-address>;compress-configuration-files;default-address-selection;diag-port-authentication {disable;maximum-hop-count;minimum-wait-timeseconds;server [address];interfaceinterface-group{no-listen;maximum-hop-count;minimum-wait-timeseconds;server [address]; }}diag-port-authentication (encrypted-password "password" |plain-text-password);domain-namedomain-name;domain-search [domain-list];host-namehost-name;location {altitudefeet;country-codecode;hcoordhorizontal-coordinate;lataservice-area;latitudedegrees;longitudedegrees;npa-nxxnumber;postal-codepostal-code;vcoordvertical-coordinate;}login {messagetext;classclass-name{allow-commands "regular-expression";allow-configuration "regular-expression";deny-commands "regular-expressionZ";deny-configuration "regular-expression";idle-timeoutminutes;no-tip;permissions [permissions];}useruser-name{full-namecomplete-name;uiduid-value;classclass-name;authentication {(encrypted-password "password" | plain-text-password);ssh-rsa "public-key";ssh-dsa "public-key";}}}mirror-flash-on-disk;name-server {address;ntp {authentication-keykey-numbertypetypevaluepassword;boot-serveraddress;broadcast <address> <keykey-number> <versionvalue> <ttlvalue>;broadcast-client;multicast-client <address>;peeraddress<keykey-number> <versionvalue> <prefer>;source-addresssource-address;serveraddress<keykey-number> <versionvalue> <prefer>;trusted-key [key-numbers];}ports {auxiliary {typeterminal-type;}console {insecure;log-out-on-disconnect;typeterminal-type;}}processes {disk-monitoring (enable | disable); inet-process (enable | disable) failover (alternate-media | other-routing-engine);interface-control (enable | disable) failover (alternate-media | other-routing-engine);mib-process (enable | disable) failover (alternate-media | other-routing-engine);ntp (enable | disable) failover (alternate-media | other-routing-engine);routing (enable | disable) failover (alternate-media | other-routing-engine);snmp (enable | disable) failover (alternate-media | other-routing-engine);watchdog (enable | disable) failover (alternate-media | other-routing-engine) timeoutseconds;}radius-serverserver-address{portnumber;retrynumber;secretpassword;source-addresssource-address;timeoutseconds;}root-authentication {(encrypted-password "password" | plain-text-password);ssh-rsa "public-key";ssh-dsa "public-key";}services {finger <connection-limitlimit> <rate-limitlimit>;ftp <connection-limitlimit> <rate-limitlimit>;rlogin <connection-limitlimit> <rate-limitlimit>;ssh <connection-limitlimit> <rate-limitlimit>;telnet <connection-limitlimit> <rate-limitlimit>;}static-host-mapping {host-name{inet [address];sysidsystem-identifier;alias [alias];}}syslog {filefilename{facility level;archive {filesnumber;sizesize;(world-readable | no-world-readable);}}host (hostname| other-routing-engine) {facility level;facility-overridefacility;log-prefixstring;}source-addresssource-address;time-format (year | millisecond | year millisecond);user (username| *) {facility level;}console {facility level;}archive {filesnumber;sizesize;(world-readable | no-world-readable);}}tacplus-serverserver-address{secretpassword;single-connection;source-addresssource-address;timeoutseconds;}time-zonetime-zone;}