Configuring System Logging for Service Sets
You specify properties that control how system log messages are generated for the service set. These values override the values configured at the [edit interfaces interface-name services-options] hierarchy level.
To configure service-set-specific system logging values, include the syslog statement at the [edit services service-set service-set-name] hierarchy level:
Configure the host statement with a hostname or an IP address that specifies the system log target server. The hostname local directs system log messages to the Routing Engine. For external system log servers, the hostname must be reachable from the same routing instance to which the initial data packet (that triggered session establishment) is delivered. You can specify only one system logging hostname. The source-address parameter is supported on the ms, rms, and mams interfaces.
Starting in Junos OS Release 17.4R1, you can configure up to a maximum of four system log servers (combination of local system log hosts and remote system log collectors) for each service set under [edit services service-set service-set-name] hierarchy level.
Junos OS does not support the exporting of system log messages to an external system log server through the fxp.0 interface; this is because the high transmission rate of system log messages and the limited bandwidth of the fxp.0 interface can cause several problems. The external system log server must be reachable through a routable interface.
Table 1 lists the severity levels that you can specify in configuration statements at the [edit services service-set service-set-name syslog host hostname] hierarchy level. The levels from emergency through info are in order from highest severity (greatest effect on functioning) to lowest.
Table 1: System Log Message Severity Levels
Includes all severity levels
System panic or other condition that causes the router to stop functioning
Conditions that require immediate correction, such as a corrupted system database
Critical conditions, such as hard drive errors
Error conditions that generally have less serious consequences than errors in the emergency, alert, and critical levels
Conditions that warrant monitoring
Conditions that are not errors but might warrant special handling
Events or non-error conditions of interest
We recommend setting the system logging severity level to error during normal operation. To monitor PIC resource usage, set the level to warning. To gather information about an intrusion attack when an intrusion detection system error is detected, set the level to notice for a specific service set. To debug a configuration or log NAT functionality, set the level to info.
For more information about system log messages, see the System Log Explorer.
To select the class of messages to be logged to the specified system log host, include the class statement at the [edit services service-set service-set-name syslog host hostname] hierarchy level:
To use one particular facility code for all logging to the specified system log host, include the facility-override statement at the [edit services service-set service-set-name syslog host hostname] hierarchy level:
The supported facilities are: authorization, daemon, ftp, kernel, user, and local0 through local7.
To specify a text prefix for all logging to this system log host, include the log-prefix statement at the [edit services service-set service-set-name syslog host hostname] hierarchy level: