Including the Facility and Severity in Messages

Problem

Your system logfiles contain lots of messages, and you want to use the severity levels to distinguish the important ones from the informational ones.

Solution

Include the severity level in each logging message:

	[edit system syslog file messages]
	aviva@router1# set explicit-priority

 

Discussion

When you configure each system logfile and include the explicitly-priority statement, all system log messages contain the priority, which is a combination of the facility and severity level. The following example highlights the priority for messages in the logfile.


	aviva@router1> 
show log messages | match "Mar 9 11:5"
	Mar 9 11:54:31 router1 login: % 
AUTH-6-LOGIN_INFORMATION: User aviva logged in from
	host 172.17.28.19 on device ttyp1
	Mar 9 11:54:34 router1 mgd[29108]: % 
INTERACT-5-UI_DBASE_LOGIN_EVENT: User 'aviva'
	entering configuration mode
	Mar 9 11:56:13 router1 mgd[29108]: %INTERACT-5-UI_DBASE_LOGOUT_EVENT: User 'aviva'
	exiting configuration mode
	Mar 9 11:57:52 router1 mgd[28332]: %INTERACT-5-UI_DBASE_LOGOUT_EVENT: User 'aviva'
	exiting configuration mode

In the first message the priority is %AUTH-6, which indicates that this message was generated by the authorization facility. The severity is 6, so you know that it's an informational message. The remaining three messages have a priority of %INTERACT-5, so they come from the interactive commands facility and have a severity of 5, or notice.

You could also match on a specific priority of interest. Here we show only critical messages (severity of 2):

	aviva@router1> show log messages | match -2-
	Jun 10 03:06:51 router1 /kernel: %KERN-2-CPU: Pentium II/Pentium II Xeon/Celer
	on (331.71-MHz 686-class CPU)
	Jun 10 03:06:51 router1 /kernel: %KERN-2-DEVFS: ready for devices
	Jun 10 03:06:51 router1 /kernel: %KERN-2-DEVFS: ready to run
	Jun 10 03:07:10 router1 snmpd[2722]: %DAEMON-2-SNMPD_TRAP_COLD_START: trap_gen
	erate_cold: SNMP trap: cold start

The message string always reports the original, local facility. If a message belongs to a JUNOS-specific facility, the JUNOS system logging utility still uses an alternate facility for the message itself when directing messages to a remote machine.


Router Configuration and File Management

Basic Router Security and Access Control

IPSec

SNMP

Logging

NTP

Router Interfaces

IP Routing

Routing Policy and Firewall Filters

RIP

IS-IS

OSPF

BGP

MPLS

VPNs

IP Multicast



JUNOS Cookbook
Junos Cookbook (Cookbooks (OReilly))
ISBN: 0596100140
EAN: 2147483647
Year: 2007
Pages: 290
Authors: Aviva Garrett

Flylib.com © 2008-2020.
If you may any questions please contact us: flylib@qtcs.net