Problem
Your system logfiles contain lots of messages, and you want to use the severity levels to distinguish the important ones from the informational ones.
Solution
Include the severity level in each logging message:
[edit system syslog file messages] aviva@router1# set explicit-priority
Discussion
When you configure each system logfile and include the explicitly-priority statement, all system log messages contain the priority, which is a combination of the facility and severity level. The following example highlights the priority for messages in the logfile.
aviva@router1> show log messages | match "Mar 9 11:5" Mar 9 11:54:31 router1 login: % AUTH-6-LOGIN_INFORMATION: User aviva logged in from host 172.17.28.19 on device ttyp1 Mar 9 11:54:34 router1 mgd[29108]: % INTERACT-5-UI_DBASE_LOGIN_EVENT: User 'aviva' entering configuration mode Mar 9 11:56:13 router1 mgd[29108]: %INTERACT-5-UI_DBASE_LOGOUT_EVENT: User 'aviva' exiting configuration mode Mar 9 11:57:52 router1 mgd[28332]: %INTERACT-5-UI_DBASE_LOGOUT_EVENT: User 'aviva' exiting configuration mode
In the first message the priority is %AUTH-6, which indicates that this message was generated by the authorization facility. The severity is 6, so you know that it's an informational message. The remaining three messages have a priority of %INTERACT-5, so they come from the interactive commands facility and have a severity of 5, or notice.
You could also match on a specific priority of interest. Here we show only critical messages (severity of 2):
aviva@router1> show log messages | match -2- Jun 10 03:06:51 router1 /kernel: %KERN-2-CPU: Pentium II/Pentium II Xeon/Celer on (331.71-MHz 686-class CPU) Jun 10 03:06:51 router1 /kernel: %KERN-2-DEVFS: ready for devices Jun 10 03:06:51 router1 /kernel: %KERN-2-DEVFS: ready to run Jun 10 03:07:10 router1 snmpd[2722]: %DAEMON-2-SNMPD_TRAP_COLD_START: trap_gen erate_cold: SNMP trap: cold start
The message string always reports the original, local facility. If a message belongs to a JUNOS-specific facility, the JUNOS system logging utility still uses an alternate facility for the message itself when directing messages to a remote machine.
Router Configuration and File Management
Basic Router Security and Access Control
IPSec
SNMP
Logging
NTP
Router Interfaces
IP Routing
Routing Policy and Firewall Filters
RIP
IS-IS
OSPF
BGP
MPLS
VPNs
IP Multicast