I will give an example of setting up Juniper logging to the syslog server, for convenience, to view the logs of all devices in one place, and it will also be possible to disable logging to the device’s memory to save its memory.
An example of specifying the IP address of the Syslog server, as well as the events to be sent:
set system syslog host 192.168.5.10 user info
set system syslog host 192.168.5.10 change-log notice
set system syslog host 192.168.5.10 ?
Using the QFX5100 as an example, let’s see what is written to the files and remove the settings so that it is not written:
edit system syslog
show
delete file messages
delete file interactive-commands
Now let’s specify sending the same logs to the syslog server:
set host 192.168.5.10 any notice
set host 192.168.5.10 authorization info
set host 192.168.5.10 interactive-commands notice
exit
commit
Let’s see and make sure that no information is written to these files:
run show log messages | last 100
run show log interactive-commands | last 100
Let’s look at the date of all the logs to make sure that nothing else is written to the internal memory of the device:
run show log ?
An example of viewing logs on MX204:
run show log chassisd | last 100
run show log jddosd | last 100
run show log messages | last 100
If necessary, specify the IP address from which Juniper will send logs:
set system syslog source-address 192.168.5.5
You can add milliseconds or a year to the logs:
set system syslog time-format ?
Let’s see the settings we made:
show system syslog
show | compare
And apply:
commit check
commit comment "set syslog host"
See also my articles:
Installing Rsyslog + Loganalyzer + MySQL
See my other articles about Juniper