Configuring System Logging for Service Sets

 

You specify properties that control how system log messages are generated for the service set. These values override the values configured at the [edit interfaces interface-name services-options] hierarchy level.

To configure service-set-specific system logging values, include the syslog statement at the [edit services service-set service-set-name] hierarchy level:

Configure the host statement with a hostname or an IP address that specifies the system log target server. The hostname local directs system log messages to the Routing Engine. For external system log servers, the hostname must be reachable from the same routing instance to which the initial data packet (that triggered session establishment) is delivered. You can specify only one system logging hostname. The source-address parameter is supported on the ms, rms, and mams interfaces.

Starting in Junos OS Release 17.4R1, you can configure up to a maximum of four system log servers (combination of local system log hosts and remote system log collectors) for each service set under [edit services service-set service-set-name] hierarchy level.

Note

Junos OS does not support the exporting of system log messages to an external system log server through the fxp.0 interface; this is because the high transmission rate of system log messages and the limited bandwidth of the fxp.0 interface can cause several problems. The external system log server must be reachable through a routable interface.

Table 1 lists the severity levels that you can specify in configuration statements at the [edit services service-set service-set-name syslog host hostname] hierarchy level. The levels from emergency through info are in order from highest severity (greatest effect on functioning) to lowest.

Table 1: System Log Message Severity Levels

Severity Level

Description

any

Includes all severity levels

emergency

System panic or other condition that causes the router to stop functioning

alert

Conditions that require immediate correction, such as a corrupted system database

critical

Critical conditions, such as hard drive errors

error

Error conditions that generally have less serious consequences than errors in the emergency, alert, and critical levels

warning

Conditions that warrant monitoring

notice

Conditions that are not errors but might warrant special handling

info

Events or non-error conditions of interest

We recommend setting the system logging severity level to error during normal operation. To monitor PIC resource usage, set the level to warning. To gather information about an intrusion attack when an intrusion detection system error is detected, set the level to notice for a specific service set. To debug a configuration or log NAT functionality, set the level to info.

For more information about system log messages, see the System Log Explorer.

To select the class of messages to be logged to the specified system log host, include the class statement at the [edit services service-set service-set-name syslog host hostname] hierarchy level:

To use one particular facility code for all logging to the specified system log host, include the facility-override statement at the [edit services service-set service-set-name syslog host hostname] hierarchy level:

The supported facilities are: authorization, daemon, ftp, kernel, user, and local0 through local7.

To specify a text prefix for all logging to this system log host, include the log-prefix statement at the [edit services service-set service-set-name syslog host hostname] hierarchy level: