Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


log (Logical Systems and Tenant Systems)


Hierarchy Level


Configure security log for logical systems and tenant systems. Set the mode of logging (event for traditional system logging or stream for streaming security logs through a revenue port to a server). You can also specify all the other parameters for security logging.



Disable the security logging for the device.


Alternate facility for logging to remote host.

  • Values:

    • authorization —Authorization system

    • daemon —Various system processes

    • ftp —FTP process

    • kernel —Kernel

    • local0 —Local logging option number 0

    • local1 —Local logging option number 1

    • local2 —Local logging option number 2

    • local3 —Local logging option number 3

    • local4 —Local logging option number 4

    • local5 —Local logging option number 5

    • local6 —Local logging option number 6

    • local7 —Local logging option number 7

    • user —User processes


Set security log format for the device.

  • Values:

    • binary —Binary log

    • binarysd-syslog —Structured syslog

    • syslog —Traditional syslog


Controls how security logs are processed and exported.

  • Values:

    • event —Process security logs in the control plane

    • stream —Process security logs directly in the forwarding plane


Specify a source IP address or IP address used when exporting security logs, which is mandatory to configure stream host.


Specify a source interface name, which is mandatory to configure stream host.


Set security log stream settings.


Set security log transport settings.

  • Values:

    • tcp—TCP transfer for log

    • tls—TLS transfer for log

    • udp—UDP transfer for log


Specify to use UTC time for security log timestamps.

The following options are not supported under logical system and tenant system:

  • event-rate and rate-cap— Use to limit the log rate between Packet Forwarding Engine (PFE) and Routing Engine (RE).

  • file— Use to store binary log with event mode.

  • max-database-record and report— Use to enable SQLite Version 3 (sqlite3) database for local log management daemon (llmd).

  • traceoptions— Specify security log daemon trace options.

The remaining statements are explained separately. See CLI Explorer.

Required Privilege Level

security—To view this statement in the configuration.

security-control—To add this statement to the configuration.

Release Information

Statement introduced in Junos OS Release 18.2R1.

Statement introduced in Junos OS Release 18.3R1 for tenant systems.

The routing-instance option introduced in Junos OS Release 18.3R1 for tenant systems.