Syslog Follow
Reference model:
- Switch model name:
- AS7726-32X
- AS7326-56X
- AS7816-64X
- AS5835-54X(T)
- AS4630-54PE
- AS9716-32D
- AS8000(Minipack)
- Wedge100BF-32X
- Edgecore SONiC version:
- Edgecore-SONiC_20201123_130028_ec202006_74
- Edgecore-SONiC_20201229_070315_ec202006_101
- Edgecore-SONiC_20201229_070315_ec202006_bfn_65(Wedge100BF-32X)
Restriction:
- There is no SONiC command for system log
Example : Syslog
Note:
This command displays all the currently stored log messages. All the latest processes and corresponding transactions are stored in the "syslog" file. This file is saved in the path /var/log and can be viewed by giving the command sudo cat syslog as this requires root login.
admin@sonic:~$ show logging
Optionally, you can follow the log live as entries are written to it by specifying the -f or --follow flag
admin@sonic:~$ show logging --follow
Example: remote syslog server
Reference model:
- Switch model name: AS7816-64X
- Edgecore SONiC version: SONiC.Edgecore-SONiC_20200116_051623_ec201904_128
Restriction:
- There's no SONiC command for remote syslog server.
Procedure :
Step 1. Edit /etc/sonic/config_db.json instead of SONiC command.
Add syslog server and its IP address.
admin@sonic:/etc/sonic$ sudo vi config_db.json
{
...
"SYSLOG_SERVER": {
"192.168.1.3": {}
},
...
}
Step 2. config reload or power cycle the switch
admin@sonic:~$ sudo config reload -y
Caution:
- Make sure switch IP address and connectivity works well. (refer to Management IP address)
Result: Switch sends syslog traps (all severity levels) to syslog server.
Example: Adjust severity level for remote syslog server
Restriction:
- There's no SONiC command
Default setting: all severity levels
admin@sonic:~$ sudo vi /usr/share/sonic/templates/rsyslog.conf.j2
omitted...
#Set remote syslog server
{% for server in SYSLOG_SERVER %}
*.* @{{ server }}:514;SONiCFileFormat
{% endfor %}
omitted...
Step 1. Edit the file /usr/share/sonic/templates/rsyslog.conf.j2
Warning and below. (Level 0 ~ 4)
admin@sonic:~$ sudo vi /usr/share/sonic/templates/rsyslog.conf.j2 { % for server in SYSLOG_SERVER % } *.warning @{{ server }}:514;SONiCFileFormat { % endfor % }
Only warning level. (Only Level 4)
admin@sonic:~$ sudo vi /usr/share/sonic/templates/rsyslog.conf.j2 {% for server in SYSLOG_SERVER %} *.=warning @{{ server }}:514;SONiCFileFormat {% endfor %}
All severity levels except warning. (Level 0 ~ 7 except Level 4)
admin@sonic:~$ sudo vi /usr/share/sonic/templates/rsyslog.conf.j2 {% for server in SYSLOG_SERVER %} *.debug;*.!=warning @{{ server }}:514;SONiCFileFormat {% endfor %}
Note:
Here's the Severity level by the standard.
Value | Severity | Keyword |
0 | Emergency | emerg |
1 | Alert | alert |
2 | Critical | crit |
3 | Error | err |
4 | Warning | warning |
5 | Notice | notice |
6 | Informational | info |
7 | Debug | debug |
Step 2: Restart syslog service
admin@sonic:~$ sudo systemctl restart rsyslog-config
Comments
0 comments
Please sign in to leave a comment.