Junos OS

last person joined: 6 days ago 

Ask questions and share experiences about Junos OS.

  • 1.  /var/log/message filter out for matching text

    Posted 09-27-2018 17:02

    Hi,

     

    We are runnung Junos Fusion Ent now and I'd like to filter out some of micellenious message from /var/log/message file.

     

    I have applied match !( xxx) option and I can't see a log on EX9200 switch , but I can see thaose log on our syslog server.

     

    I don't like to see it on syslog server also.

     

    Please give me a piece of advice.

     

    switch>sh log messages | match QSFP | last 10
    Sep 26 22:35:43 sd192 spfe[942]: Rear QSFP+ PIC Chan# 2: Tx bias high warning cleared
    Sep 26 22:35:43 sd192 spfe[942]: Rear QSFP+ PIC Chan# 2: Rx power low alarm cleared
    Sep 26 22:35:43 sd192 spfe[942]: Rear QSFP+ PIC Chan# 2: Rx power low warning cleared
    Sep 26 22:35:43 sd192 spfe[942]: Rear QSFP+ PIC Chan# 3: Tx bias low alarm cleared
    Sep 26 22:35:43 sd192 spfe[942]: Rear QSFP+ PIC Chan# 3: Tx bias high warning cleared
    Sep 26 22:35:43 sd192 spfe[942]: Rear QSFP+ PIC Chan# 3: Tx bias low warning cleared
    Sep 26 22:35:43 sd192 spfe[942]: Rear QSFP+ PIC Chan# 3: Rx power high warning cleared
    Sep 26 22:35:43 sd192 spfe[942]: Rear QSFP+ PIC Chan# 3: Rx power low warning cleared
    Sep 26 22:36:41 sd191 spfe[938]: Rear QSFP+ PIC Chan# 0: Rx power low warning set

     

    But on syslog server ,

     

           
      9/27/2018 4:56:42 PM   Critical sd192 spfe[942]: Rear QSFP+ PIC Chan# 3: Rx power high warning cleared
      9/27/2018 4:56:41 PM   Critical sd192 spfe[942]: Rear QSFP+ PIC Chan# 3: Tx bias high alarm cleared

     



  • 2.  RE: /var/log/message filter out for matching text

    Posted 09-27-2018 17:16

    The log messages exclusion only applies to the file logging.

     

    you need to add the same match criteria under the syslog server to apply there as well.

    system syslog host x.x.x.x match ?????

     



  • 3.  RE: /var/log/message filter out for matching text

    Posted 09-28-2018 08:39
    Hi Steve , Thanks for your advice. But I am still have log on syslog server. my config on EX9204 set system syslog host 10.111.1.25 match "!(Rear QSFP+|junos@2636.1.1.1.2.104|last message repeated);" set system syslog file messages match "!(Rear QSFP+|junos@2636.1.1.1.2.104|last message repeated)" Filter is working fine except last one ( last message repeated ) on switch side. But on syslog server , I still see log which i want to filter out. TIME OF MESSAGE HOSTNAME SEVERITY MESSAGE 9/28/2018 8:36:35 AM 10.x.x.x Critical sd191 spfe[938]: Rear QSFP+ PIC: VCC low warning cleared 9/28/2018 8:36:35 AM 10.x.x.x Critical sd191 spfe[938]: Rear QSFP+ PIC Chan# 0: Rx power low warning set 9/28/2018 8:36:34 AM 10.x.x.x Critical sd191 spfe[938]: Rear QSFP+ PIC Chan# 0: Rx power low warning set Could you let me know what's wrong? Regards,


  • 4.  RE: /var/log/message filter out for matching text
    Best Answer

    Posted 09-28-2018 12:22

    The problem is miss-typo at below .

    After delete ; , it works as I expect.

    set system syslog host 10.111.1.25 match "!(Rear QSFP+|junos@2636.1.1.1.2.104|last message repeated);"
    set system syslog file messages match "!(Rear QSFP+|junos@2636.1.1.1.2.104|last message repeated)"



  • 5.  RE: /var/log/message filter out for matching text

     
    Posted 09-29-2018 20:43

    KB on “How to prevent certain syslog messages from being written to the log file”

     

    https://kb.juniper.net/InfoCenter/index?page=content&id=KB9382