3.2.39. logging

Global Settings

Note

requires a Product License.

Global logging configuration.

vsr running config# system logging

log-level

Maximum log level that will be displayed. (emergency 0, alert 1, critical 2, error 3, warning 4, notice 5, info 6, debug 7). If set to info, log levels between emergency and info will be displayed, and debug will be hidden.

vsr running config# system logging
vsr running logging# log-level LOG-LEVEL

LOG-LEVEL values

Description

emergency

System is unusable.

alert

Action must be taken immediately.

critical

Critical conditions.

error

Error conditions.

warning

Warning conditions.

notice

Normal but significant condition.

info

Informational messages.

debug

Debug-level messages.

Default value
info

disk-usage (state only)

Total disk usage of all journal files.

vsr> show state system logging disk-usage

rate-limit

Configure logging rate limiting.

vsr running config# system logging rate-limit

interval

Amount of time that is being measured for rate limiting. A value of 0 disables rate limiting.

vsr running config# system logging rate-limit
vsr running rate-limit# interval <uint32>
Default value
30

burst

Amount of messages that have to occur in the rate limit interval to trigger rate limiting. A value of 0 disables rate limiting.

vsr running config# system logging rate-limit
vsr running rate-limit# burst <uint32>
Default value
10000

Per-VRF Settings

Note

requires a Product License.

Per-VRF logging configuration.

vsr running config# vrf <vrf> logging

syslog

Syslog configuration.

vsr running config# vrf <vrf> logging syslog

enabled (pushed)

Enable syslog.

vsr running config# vrf <vrf> logging syslog
vsr running syslog# enabled true|false
Default value
true

tag

Tag that will be included in the logs sent to the server.

vsr running config# vrf <vrf> logging syslog
vsr running syslog# tag <string>{1,32}

remote-server

Remote log server list.

vsr running config# vrf <vrf> logging syslog remote-server <remote-server>

<remote-server> values

Description

<ipv4-address>

The ipv4-address type represents an IPv4 address in dotted-quad notation. The IPv4 address may include a zone index, separated by a % sign. The zone index is used to disambiguate identical address values. For link-local addresses, the zone index will typically be the interface index number or the name of an interface. If the zone index is not present, the default zone of the device will be used. The canonical format for the zone index is the numerical format

<ipv6-address>

The ipv6-address type represents an IPv6 address in full, mixed, shortened, and shortened-mixed notation. The IPv6 address may include a zone index, separated by a % sign. The zone index is used to disambiguate identical address values. For link-local addresses, the zone index will typically be the interface index number or the name of an interface. If the zone index is not present, the default zone of the device will be used. The canonical format of IPv6 addresses uses the textual representation defined in Section 4 of RFC 5952. The canonical format for the zone index is the numerical format as described in Section 11.2 of RFC 4007.

<domain-name>{1,253}

The domain-name type represents a DNS domain name. The name SHOULD be fully qualified whenever possible. Internet domain names are only loosely specified. Section 3.5 of RFC 1034 recommends a syntax (modified in Section 2.1 of RFC 1123). The pattern above is intended to allow for current practice in domain name use, and some possible future expansion. It is designed to hold various types of domain names, including names used for A or AAAA records (host names) and other records, such as SRV records. Note that Internet host names have a stricter syntax (described in RFC 952) than the DNS recommendations in RFCs 1034 and 1123, and that systems that want to store host names in schema nodes using the domain-name type are recommended to adhere to this stricter standard to ensure interoperability. The encoding of DNS names in the DNS protocol is limited to 255 characters. Since the encoding consists of labels prefixed by a length bytes and there is a trailing NULL byte, only 253 characters can appear in the textual dotted notation. The description clause of schema nodes using the domain-name type MUST describe when and how these names are resolved to IP addresses. Note that the resolution of a domain-name value may require to query multiple DNS records (e.g., A for IPv4 and AAAA for IPv6). The order of the resolution process and which DNS record takes precedence can either be defined explicitly or may depend on the configuration of the resolver. Domain-name values use the US-ASCII encoding. Their canonical format uses lowercase US-ASCII characters. Internationalized domain names MUST be A-labels as per RFC 5890.

source

Source address used to reach the server.

vsr running config# vrf <vrf> logging syslog remote-server <remote-server>
vsr running remote-server <remote-server># source SOURCE

SOURCE values

Description

<ipv4-address>

An IPv4 address.

<ipv6-address>

An IPv6 address.

protocol

Transmission protocol.

vsr running config# vrf <vrf> logging syslog remote-server <remote-server>
vsr running remote-server <remote-server># protocol PROTOCOL

PROTOCOL values

Description

udp

Traditional UDP transport. Extremely lossy but standard.

tcp

Plain TCP based transport. Loses messages only during certain situations but is widely available.

Default value
tcp
port

Sets the destination port number for syslog messages to the server.

vsr running config# vrf <vrf> logging syslog remote-server <remote-server>
vsr running remote-server <remote-server># port PORT

PORT

A 16-bit port number used by a transport protocol such as TCP or UDP.

Default value
514
log-filter

Filter messages sent to the server.

vsr running config# vrf <vrf> logging syslog remote-server <remote-server>
vsr running remote-server <remote-server># log-filter facility <log-filter> \
...   level EQUAL greater-or-equal GREATER-OR-EQUAL \
...     not LEVEL

<log-filter> values

Description

kernel

Filter kernel messages.

mail

Filter mail system messages.

news

Filter network news subsystem messages.

user

Filter random user-level messages.

auth

Filter security/authorization messages.

authpriv

Filter security/authorization messages (private).

cron

Filter clock daemon messages.

daemon

Filter system daemons messages.

line-printer

Filter line printer subsystem messages.

FTP

Filter FTP daemon messages.

syslog

Filter messages generated internally by the syslog daemon.

uucp

Filter UUCP subsystem messages.

local0

Filter messages from local0.

local1

Filter messages from local1.

local2

Filter messages from local2.

local3

Filter messages from local3.

local4

Filter messages from local4.

local5

Filter messages from local5.

local6

Filter messages from local6.

local7

Filter messages from local7.

any

Filter messages from any facilities.

level

Select messages level to send to the server.

level EQUAL greater-or-equal GREATER-OR-EQUAL \
     not LEVEL
EQUAL

Select levels to send the server.

EQUAL

EQUAL values

Description

emergency

System is unusable.

alert

Action must be taken immediately.

critical

Critical conditions.

error

Error conditions.

warning

Warning conditions.

notice

Normal but significant condition.

info

Informational messages.

debug

Debug-level messages.

any

Send all messages from this facility.

none

Send nothing from this facility.

greater-or-equal

Send messages with a greater or equal level than the selected one to the server.

greater-or-equal GREATER-OR-EQUAL

GREATER-OR-EQUAL values

Description

emergency

System is unusable.

alert

Action must be taken immediately.

critical

Critical conditions.

error

Error conditions.

warning

Warning conditions.

notice

Normal but significant condition.

info

Informational messages.

debug

Debug-level messages.

not

Select levels to not send to the server.

not LEVEL
LEVEL (mandatory)

Do not send messages with this level.

LEVEL

LEVEL values

Description

emergency

System is unusable.

alert

Action must be taken immediately.

critical

Critical conditions.

error

Error conditions.

warning

Warning conditions.

notice

Normal but significant condition.

info

Informational messages.

debug

Debug-level messages.

tls

Enable syslog messages encryption and server/client authentication.

vsr running config# vrf <vrf> logging syslog tls
enabled

Enable/disable syslog messages encryption and server/client authentication.

vsr running config# vrf <vrf> logging syslog tls
vsr running tls# enabled true|false
Default value
true
ca-certificate (mandatory)

PEM-encoded X509 certificate authority certificate.

vsr running config# vrf <vrf> logging syslog tls
vsr running tls# ca-certificate <string>
certificate (hidden)

PEM-encoded X509 certificate.

vsr running config# vrf <vrf> logging syslog tls
vsr running tls# certificate <string>
private-key (hidden)

PEM-encoded X509 private key.

vsr running config# vrf <vrf> logging syslog tls
vsr running tls# private-key <string>
server-authentication

Server authentication mode selection.

vsr running config# vrf <vrf> logging syslog tls
vsr running tls# server-authentication anonymous certificate \
...   name <string> \
...   fingerprint <string>
anonymous

No authentication.

anonymous
certificate

Certificate validation only.

certificate
name

Certificate validation and subject name authentication.

name <string>
<string> (mandatory)

Certificate validation and subject name authentication.

<string>
fingerprint

Certificate fingerprint authentication.

fingerprint <string>
<string> (mandatory)

Certificate fingerprint authentication.

<string>