Junos Automation (Scripting)
Highlighted
Junos Automation (Scripting)

Logging data to syslog server?

‎03-13-2015 09:47 AM

Hi all,

 

I have a SLAX script that logs an activity to the messages log:

 

	       <commit-options> {
	           <log> "Blocking prefix: " _ $prefix _ ", " _ $reason;

	        }
	    }

 Which does show up in the log!

Mar 13 16:42:24  va-mx-1 sshd[32304]: Accepted publickey for matts from 10.32.8.23 port 51570 ssh2
Mar 13 16:42:26  va-mx-1 file[32309]: UI_COMMIT: User 'matts' requested 'commit' operation (comment: Blocking prefix: 27.153.217.164/32, Turning block back on after testing)

 

 However, I would like for this to get to an existing syslog server.  Here is my config:

> show configuration system syslog 
user * {
    any emergency;
}
host 10.64.1.96 {
    any notice;
    authorization info;
    change-log none;
    interactive-commands none;
    port 1514;
    structured-data;
}
file messages {
    any notice;
    authorization info;
}
file interactive-commands {
    interactive-commands any;
}

 All I am seeing on the syslog server is the login, not the actual commit with the comments.  I assume this has something to do with the fact that the entry is tagged as "file," but I have no idea how to fix it.  Any assistance would be greatly appreciated, thanks!

2 REPLIES 2
Highlighted
Junos Automation (Scripting)

Re: Logging data to syslog server?

‎03-13-2015 12:35 PM

You should change this line :

 

interactive-commands none;

Into

interactive-commands any

 

That should make log all the command towards you syslog server

Marc



-----------------------------------------------------------------
Please Mark My Solution Accepted if it Helped, Kudos are Appreciated Too
-----------------------------------------------------------------
Highlighted
Junos Automation (Scripting)
Solution
Accepted by topic author msingerman
‎08-26-2015 01:27 AM

Re: Logging data to syslog server?

‎03-13-2015 12:43 PM

Thanks for the suggestion, Mark, but I don't want to capture all interactive commands.  I was able to resolve this by adding the following to my SLAX script:

 

expr jcs:syslog("external.info","Blocking prefix: ", $prefix, ", ", $reason);

 And adding external info logging to the host syslog.

Feedback