Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Setting the System to Send All Log Messages Through eventd


The eventd process of logging configuration is most commonly used for Junos OS. In this configuration, control plane logs and data plane, or security, logs are forwarded from the data plane to the Routing Engine control plane rtlogd process. The rtlogd process then either forwards syslog or sd-syslog-formatted logs to the eventd process or the WELF-formatted logs to the external or remote WELF log collector.

To send all log messages through eventd:

  1. Set the eventd process to handle security logs and send them to a remote server.
  2. Configure the server that will receive the system log messages.

    where hostname is the fully qualified hostname or IP address of the server that will receive the logs.


To send duplicate logs to a second remote server, repeat the command with a new fully qualified hostname or IP address of a second server.

If your deployment is an active/active chassis cluster, you can also configure security logging on the active node to be sent to separate remote servers to achieve logging redundancy.

To rename or redirect one of the logging configurations, you need to delete and recreate it. To delete a configuration: