Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


log (Logical Systems and Tenant Systems)



Hierarchy Level

Release Information

Statement introduced in Junos OS Release 18.2R1 for logical systems.

Statement introduced in Junos OS Release 18.3R1 for tenant systems.

The routing-instance option introduced in Junos OS Release 18.3R1 for tenant systems.


Configure security log for logical systems and tenant systems. Set the mode of logging (event for traditional system logging or stream for streaming security logs through a revenue port to a server). You can also specify all the other parameters for security logging.


disableDisable the security logging for the device.
facility-override Alternate facility for logging to remote host.


  • authorization —Authorization system

  • daemon —Various system processes

  • ftp —FTP process

  • kernel —Kernel

  • local0 —Local logging option number 0

  • local1 —Local logging option number 1

  • local2 —Local logging option number 2

  • local3 —Local logging option number 3

  • local4 —Local logging option number 4

  • local5 —Local logging option number 5

  • local6 —Local logging option number 6

  • local7 —Local logging option number 7

  • user —User processes

formatSet security log format for the device.


  • binary —Binary log

  • binarysd-syslog —Structured syslog

  • syslog —Traditional syslog

modeControls how security logs are processed and exported.


  • event —Process security logs in the control plane

  • stream —Process security logs directly in the forwarding plane

source-address Specify a source IP address or IP address used when exporting security logs, which is mandatory to configure stream host.
source-interface Specify a source interface name, which is mandatory to configure stream host.
streamSet security log stream settings.
transportSet security log transport settings.


  • tcp—TCP transfer for log

  • tls—TLS transfer for log

  • udp—UDP transfer for log

utc-timestampSpecify to use UTC time for security log timestamps.

The following options are not supported under logical system and tenant system:

  • event-rate and rate-cap— Use to limit the log rate between Packet Forwarding Engine (PFE) and Routing Engine (RE).

  • file— Use to store binary log with event mode.

  • max-database-record and report— Use to enable SQLite Version 3 (sqlite3) database for local log management daemon (llmd).

  • traceoptions— Specify security log daemon trace options.

The remaining statements are explained separately. See CLI Explorer.

Required Privilege Level

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.