Junos
Highlighted
Junos

Log name is appearing in remote logging conents

‎02-03-2019 01:35 PM

I have configured a remote logging feature on my juniper 48 port EX2300 switch to send the message and user logs to my ElasticSearch-Logstash-Kibana (aka ELK) stack by using this command:

set system syslog host 10.209.143.121 any any

I can't see the log name in the remote machine log contents.

can somebody please help on this?

5 REPLIES 5
Highlighted
Junos

Re: Log name is appearing in remote logging conents

‎02-04-2019 02:04 AM

Hi Premkumar,

 

The config is enough for external syslog to start recording log messages from EX.  You can check the logs recorded on the EX itself by enabling "set system syslog file messages any any" and checking "show log messages | no-more" for the new logs recorded.

 

Then, check and ensure IP connectivity from the switch to syslog host IP "10.209.143.121" and ensure write permissions on the default directory where logs are supposed to be recorded.

 

Hope this helps.

Regards,
-r.

--------------------------------------------------

If this solves your problem, please mark this post as "Accepted Solution."
Kudos are always appreciated :).

Highlighted
Junos

Re: Log name is appearing in remote logging conents

‎02-04-2019 03:26 PM

Thanks mriyaz.

We are getting the logs at the remote system, only the log name is not appearing.

For example, we have below logs at the switch.

message

ntxp-login.log

ntxp.log

Please let me know how to send the log name as to remote system.

Thanks,

Premkumar J

 

Highlighted
Junos

Re: Log name is appearing in remote logging conents

‎02-04-2019 03:48 PM

Add the log prefix parameter as noted in this kb article to include a host name with the logs.

 

https://kb.juniper.net/InfoCenter/index?page=content&id=KB12679

 

Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
http://puluka.com/home
Highlighted
Junos

Re: Log name is not appearing in remote logging conents

‎02-06-2019 02:20 AM

Thanks Spuluku.

I believe the log-prefix is just to differentiate the logs from a different host, but I am looking for the configuration to show the name of log in log contents.

For example,

If I execute show log command, it displays numerous log names, I want those log names as well as to get appended in the message. Could you please help me with this.

Attaching the screenshot for your reference.

show_log.png

Highlighted
Junos

Re: Log name is not appearing in remote logging conents

‎02-06-2019 02:41 AM

I'm not aware of any way to include the file information.  As far as I know the only organization available for the syslog messages is the facility designation.

 

Steve Puluka BSEET - Juniper Ambassador
IP Architect - DQE Communications Pittsburgh, PA (Metro Ethernet & ISP)
http://puluka.com/home
Feedback