diff options
author | hagbard-01 <39653662+hagbard-01@users.noreply.github.com> | 2018-10-03 11:05:35 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-10-03 11:05:35 -0700 |
commit | 6e9b6715684d1e7dab91ebede989254e723cbe06 (patch) | |
tree | 710c29c060b4bd227d17daff13aadcb6a23ef5fd | |
parent | 4b07918792a52a6c639260971a2498f0c198693b (diff) | |
parent | 21ffdb13e7c9928764395ccdabda5e3d237d5db8 (diff) | |
download | vyos-documentation-6e9b6715684d1e7dab91ebede989254e723cbe06.tar.gz vyos-documentation-6e9b6715684d1e7dab91ebede989254e723cbe06.zip |
Merge pull request #2 from hagbard-01/master
T759: Update wiki.vyos.net syslog config options
-rw-r--r-- | docs/ch12-system.rst | 110 |
1 files changed, 110 insertions, 0 deletions
diff --git a/docs/ch12-system.rst b/docs/ch12-system.rst index 5458f2e6..0a02944f 100644 --- a/docs/ch12-system.rst +++ b/docs/ch12-system.rst @@ -66,3 +66,113 @@ remote system: loadkey jsmith scp://devuser@dev001.vyos.net/home/devuser/.ssh/dev.pub +Syslog +====== + +Per default vyos has minimal syslog logging enabled which is stored and rotated locally. +Errors will be always logged to a local file, which includes local7 error messages, emergency messages will be sent to the console too. + +Configuration +------------- + +To configure syslog, you need to switch into configuration mode. + + +Logging to serial console +^^^^^^^^^^^^^^^^^^^^^^^^^ + +The below would log all messages to /dev/console. + +.. code-block:: sh + + set system syslog console facility all level all + + +Use the <tab> function to display all facilities and levels which can be configured. + +.. code-block:: sh + + vyos@vyos# set system syslog console facility <TAB> + Possible completions: + > all All facilities excluding "mark" + > auth Authentication and authorization + > authpriv Non-system authorization + > cron Cron daemon + > daemon System daemons + > kern Kernel + > lpr Line printer spooler + > mail Mail subsystem + > mark Timestamp + > news USENET subsystem + > protocols depricated will be set to local7 + > security depricated will be set to auth + > syslog Authentication and authorization + > user Application processes + > uucp UUCP subsystem + > local0 Local facility 0 + > local1 Local facility 1 + > local2 Local facility 2 + > local3 Local facility 3 + > local4 Local facility 4 + > local5 Local facility 5 + > local6 Local facility 6 + > local7 Local facility 7 + + vyos@vyos# set system syslog console facility all level <TAB> + Possible completions: + emerg Emergency messages + alert Urgent messages + crit Critical messages + err Error messages + warning Warning messages + notice Messages for further investigation + info Informational messages + debug Debug messages + all Log everything + +Logging to a custom file +^^^^^^^^^^^^^^^^^^^^^^^^^ + +Logging to a custom file, rotation size and the number of rotate files left on the system can be configured. + +.. code-block:: sh + + set system syslog file <FILENAME> facility <FACILITY> level <LEVEL> + set system syslog file <FILENAME> archive file <NUMBER OF FILES> + set system syslog file FILENAME archive size <FILESIZE> + +The very same setting can be applied to the global configuration, to modify the defaults for the global logging. + +Logging to a remote host +^^^^^^^^^^^^^^^^^^^^^^^^ + +Logging to a remote host leaves the local logging configuration intact, it can be configured in parallel. +You can log ro multiple hosts at the same time, using either tcp or udp. The default is sending the messages via udp. + +**Logging to a remote host using udp** + +.. code-block:: sh + + set system syslog host 10.1.1.1 facility all level all + <optional> + set system syslog host 10.1.1.1 facility all protocol udp + + +**Logging to a remote host using tcp** + +.. code-block:: sh + + set system syslog host 10.1.1.2 facility all level all + set system syslog host 10.1.1.2 facility all protocol tcp + + +Logging to a local user account +^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + +If logging to a local useraccount is configured, all defined log messages are display on the console if the local user is logged in, +if the user is not logged in, no messages are being displayed. + +.. code-block:: sh + + set system syslog user <LOCAL_USERNAME> facility <FACILITY> level <LEVEL> + |