System Management Configuration Statements
To configure system management, you can include the following statements in the configuration:
system {accounting {events [ login change-log interactive-commands ];destination {tacplus {server {server-address{portport-number;secretpassword;single-connection;timeoutseconds;}}}}archival {configuration { archive-sites { ftp://<username>:<password>@<host>:<port>/<url-path>; }transfer-interval interval; transfer-on-commit; }}authentication-order [authentication-methods];backup-routeraddress<destinationdestination-address>;buildingname;(compress-configuration-files | no-compression-configuration-files);default-address-selection;dump-device (compact-flash | remove-compact | usb);diag-port-authentication (encrypted-password "password" |plain-text-password);diag-port-authentication {disable;maximum-hop-count;minimum-wait-timeseconds;server [address];interfaceinterface-group{no-listen;maximum-hop-count;minimum-wait-timeseconds;server [address]; }}domain-namedomain-name;domain-search [domain-list];host-namehost-name;internet-optionsaddress<destinationdestination-address>;internet-options {path-mtu-discovery; source-port upper-limit <upper-limit>;source-quench; }location {altitudefeet;buildingname;country-codecode;floornumber;hcoordhorizontal-coordinate;lataservice-area;latitudedegrees;longitudedegrees;npa-nxxnumber;postal-codepostal-code;racknumber;vcoordvertical-coordinate;}login {messagetext;classclass-name{allow-commands "regular-expression";allow-configuration "regular-expression";deny-commands "regular-expression";deny-configuration "regular-expression";idle-timeoutminutes;no-tip;permissions [permissions];}userusername{full-namecomplete-name;uiduid-value;classclass-name;authentication {(encrypted-password "password" | plain-text-password);ssh-rsa "public-key";ssh-dsa "public-key";}}}max-configurations-on-flashnumber;mirror-flash-on-disk;name-server {address;ntp {authentication-keykey-numbertypetypevaluepassword;boot-serveraddress;broadcast <address> <keykey-number> <versionvalue> <ttlvalue>;broadcast-client;multicast-client <address>;peeraddress<keykey-number> <versionvalue> <prefer>;source-addresssource-address;serveraddress<keykey-number> <versionvalue> <prefer>;trusted-key [key-numbers];}ports {auxiliary {typeterminal-type;}pic-console-authentication {encrypted-passwordencrypted-password;plain-text-password;console {insecure;log-out-on-disconnect;typeterminal-type;}}processes {disk-monitoring (enable | disable);inet-process (enable | disable) failover (alternate-media |other-routing-engine);interface-control (enable | disable) failover (alternate-media |other-routing-engine);mib-process (enable | disable) failover (alternate-media |other-routing-engine);ntp (enable | disable) failover (alternate-media | other-routing-engine);routing (enable | disable) failover (alternate-media | other-routing-engine);snmp (enable | disable) failover (alternate-media | other-routing-engine);watchdog (enable | disable) failover (alternate-media | other-routing-engine)timeoutseconds;}radius-serverserver-address{portnumber;retrynumber;secretpassword;source-addresssource-address;timeoutseconds;}root-authentication {(encrypted-password "password" | plain-text-password);ssh-rsa "public-key";ssh-dsa "public-key";}(saved-core-context | no-saved-core-context);saved-core-filessaved-core-files;services {finger {<connection-limitlimit>;<rate-limitlimit>;}ftp {<connection-limitlimit>;<rate-limitlimit>;}service-deployment {serversserver-address{portport-number;}source-addresssource-address;}ssh {root-login (allow | deny | deny-password);protocol-version [v1 v2];<connection-limitlimit>;<rate-limitlimit>;}telnet {<connection-limitlimit>;<rate-limitlimit>;}xnm-clear-text {<connection-limitlimit>;<rate-limitlimit>;}xnm-ssl {<connection-limitlimit>;local-certificatename;<rate-limitlimit>;}}static-host-mapping {host-name{alias [alias];inet [address];sysidsystem-identifier;}}syslog {archive {filesnumber;sizesize;(world-readable | no-world-readable);}console {facility severity;}filefilename{facility severity;explicit-priority;archive {filesnumber;sizesize;(world-readable | no-world-readable);}}host (hostname| other-routing-engine | scc-master) {facility severity;explicit-priority;facility-overridefacility;log-prefixstring;}source-addresssource-address;time-format (year | millisecond | year millisecond);user (username| *) {facility severity;}}tacplus-options service-nameservice-name;tacplus-serverserver-address{secretpassword;single-connection;source-addresssource-address;timeoutseconds;}time-zonetime-zone;}