summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorhagbard-01 <39653662+hagbard-01@users.noreply.github.com>2018-10-03 11:05:35 -0700
committerGitHub <noreply@github.com>2018-10-03 11:05:35 -0700
commit6e9b6715684d1e7dab91ebede989254e723cbe06 (patch)
tree710c29c060b4bd227d17daff13aadcb6a23ef5fd
parent4b07918792a52a6c639260971a2498f0c198693b (diff)
parent21ffdb13e7c9928764395ccdabda5e3d237d5db8 (diff)
downloadvyos-documentation-6e9b6715684d1e7dab91ebede989254e723cbe06.tar.gz
vyos-documentation-6e9b6715684d1e7dab91ebede989254e723cbe06.zip
Merge pull request #2 from hagbard-01/master
T759: Update wiki.vyos.net syslog config options
-rw-r--r--docs/ch12-system.rst110
1 files changed, 110 insertions, 0 deletions
diff --git a/docs/ch12-system.rst b/docs/ch12-system.rst
index 5458f2e6..0a02944f 100644
--- a/docs/ch12-system.rst
+++ b/docs/ch12-system.rst
@@ -66,3 +66,113 @@ remote system:
loadkey jsmith scp://devuser@dev001.vyos.net/home/devuser/.ssh/dev.pub
+Syslog
+======
+
+Per default vyos has minimal syslog logging enabled which is stored and rotated locally.
+Errors will be always logged to a local file, which includes local7 error messages, emergency messages will be sent to the console too.
+
+Configuration
+-------------
+
+To configure syslog, you need to switch into configuration mode.
+
+
+Logging to serial console
+^^^^^^^^^^^^^^^^^^^^^^^^^
+
+The below would log all messages to /dev/console.
+
+.. code-block:: sh
+
+ set system syslog console facility all level all
+
+
+Use the <tab> function to display all facilities and levels which can be configured.
+
+.. code-block:: sh
+
+ vyos@vyos# set system syslog console facility <TAB>
+ Possible completions:
+ > all All facilities excluding "mark"
+ > auth Authentication and authorization
+ > authpriv Non-system authorization
+ > cron Cron daemon
+ > daemon System daemons
+ > kern Kernel
+ > lpr Line printer spooler
+ > mail Mail subsystem
+ > mark Timestamp
+ > news USENET subsystem
+ > protocols depricated will be set to local7
+ > security depricated will be set to auth
+ > syslog Authentication and authorization
+ > user Application processes
+ > uucp UUCP subsystem
+ > local0 Local facility 0
+ > local1 Local facility 1
+ > local2 Local facility 2
+ > local3 Local facility 3
+ > local4 Local facility 4
+ > local5 Local facility 5
+ > local6 Local facility 6
+ > local7 Local facility 7
+
+ vyos@vyos# set system syslog console facility all level <TAB>
+ Possible completions:
+ emerg Emergency messages
+ alert Urgent messages
+ crit Critical messages
+ err Error messages
+ warning Warning messages
+ notice Messages for further investigation
+ info Informational messages
+ debug Debug messages
+ all Log everything
+
+Logging to a custom file
+^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Logging to a custom file, rotation size and the number of rotate files left on the system can be configured.
+
+.. code-block:: sh
+
+ set system syslog file <FILENAME> facility <FACILITY> level <LEVEL>
+ set system syslog file <FILENAME> archive file <NUMBER OF FILES>
+ set system syslog file FILENAME archive size <FILESIZE>
+
+The very same setting can be applied to the global configuration, to modify the defaults for the global logging.
+
+Logging to a remote host
+^^^^^^^^^^^^^^^^^^^^^^^^
+
+Logging to a remote host leaves the local logging configuration intact, it can be configured in parallel.
+You can log ro multiple hosts at the same time, using either tcp or udp. The default is sending the messages via udp.
+
+**Logging to a remote host using udp**
+
+.. code-block:: sh
+
+ set system syslog host 10.1.1.1 facility all level all
+ <optional>
+ set system syslog host 10.1.1.1 facility all protocol udp
+
+
+**Logging to a remote host using tcp**
+
+.. code-block:: sh
+
+ set system syslog host 10.1.1.2 facility all level all
+ set system syslog host 10.1.1.2 facility all protocol tcp
+
+
+Logging to a local user account
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+If logging to a local useraccount is configured, all defined log messages are display on the console if the local user is logged in,
+if the user is not logged in, no messages are being displayed.
+
+.. code-block:: sh
+
+ set system syslog user <LOCAL_USERNAME> facility <FACILITY> level <LEVEL>
+