I will give an example of setting up Juniper logging to the syslog server, for convenience, to view the logs of all devices in one place, and it will also be possible to disable logging to the device’s memory to save its memory.
An example of specifying the IP address of the Syslog server, as well as the events to be sent:
set system syslog host 192.168.5.10 user info set system syslog host 192.168.5.10 change-log notice set system syslog host 192.168.5.10 ?
Using the QFX5100 as an example, let’s see what is written to the files and remove the settings so that it is not written:
edit system syslog show delete file messages delete file interactive-commands
Now let’s specify sending the same logs to the syslog server:
set host 192.168.5.10 any notice set host 192.168.5.10 authorization info set host 192.168.5.10 interactive-commands notice exit commit
Let’s see and make sure that no information is written to these files:
run show log messages | last 100 run show log interactive-commands | last 100
Let’s look at the date of all the logs to make sure that nothing else is written to the internal memory of the device:
run show log ?
An example of viewing logs on MX204:
run show log chassisd | last 100 run show log jddosd | last 100 run show log messages | last 100
If necessary, specify the IP address from which Juniper will send logs:
set system syslog source-address 192.168.5.5
You can add milliseconds or a year to the logs:
set system syslog time-format ?
Let’s see the settings we made:
show system syslog show | compare
commit check commit comment "set syslog host"
See also my articles:
Installing Rsyslog + Loganalyzer + MySQL
See my other articles about Juniper