Syslog Support on cRPD
Eventd is a process that supports forwarding syslog messages to a configured remote host in containerized RPD (cRPD). You can configure the syslog messages using the following options:
Format | Option | Description |
---|---|---|
file |
|
Eventd writes the syslog messages to the file. You can create a file and forward
all the syslog messages to the file based on the priority using the command
|
|
You can filter the messages based on particular string message using the command
|
|
|
You can log the system messages in structured format using the command |
|
host |
|
Host option allows you to log the message in remote host using the command
|
|
Match string option with host allows you to filter messages based on particular
match string using the command |
|
|
Structured format option at host level allows to log the message to remote host in
structured format using the command |
|
|
Log prefix option at host level allow you to add text string for every syslog
message that is forwarded to remote host using the command |
|
|
Source address option at host level allows you to log the syslog to the remote host
with the specified valid source address using the command |
|
|
|
Source address option at syslog level allows you to log the syslog to the remote
host with specified source address using the command |
Directing System Log Messages to Remote Machine
To direct system log messages to a remote machine, include the host
statement at the [edit system syslog]
hierarchy level:
To direct system log messages to a remote machine, include the host
hostname
statement to specify the remote machine’s IPv4 or
IPv6 address or fully qualified hostname over WAN port and data port. The remote machine
must be running the standard syslogd
utility. In each system log message
directed to the remote machine, the hostname of the local Routing Engine appears after the
timestamp to indicate that it is the source for the message.
[edit system syslog] host (hostname) { facility severity; explicit-priority; facility-override facility; log-prefix string; match "regular-expression"; } source-address source-address;
For the list of logging facilities and severity levels to configure under the
host
statement, see Specifying the Facility and Severity of Messages to
Include in the Log.
To record facility and severity level information in each message, include the
explicit-priority
statement. For more information, see Including Priority Information in System Log
Messages.
For information about the match
statement, see Using Strings and Regular Expressions to Refine the Set of
Logged Messages.
When directing messages to remote machines, you can include the
source-address
statement to specify the IP address of the switch that is
reported in the messages as their source. In each host
statement, you can
also include the facility-override
statement to assign an alternative
facility and the log-prefix
statement to add a string to each message.