System Logging (SYSLOG)
SONiC switches send system message outputs to a logging process; this is called System Message Logging (SYSLOG). This displays all the currently stored log messages. All the latest processes and corresponding transactions are stored in the syslog file. This file is saved in the path /var/log and can be viewed by giving the command sudo cat syslog as this requires a root login.
Configure SYSLOG
Follow the below steps to configure SYSLOG server parameters.
|
Step |
Command |
Description |
|---|---|---|
|
1 |
config syslog add <ip_address> |
Configure the SYSLOG server.
|
|
2 |
show logging [OPTIONS] [PROCESS] |
Display the currently stored log message.
|
|
3 |
sudo config save –y |
Optional: Save the current configuration to be part of the startup configuration. |
The example below shows the commands used to configure an IPv4 SYSLOG server.
|
admin@sonic:~$ sudo config syslog add 192.168.86.24 |
|
|
Syslog server 192.168.86.24 added to configuration |
|
|
Restarting rsyslog-config service... |
|
|
admin@sonic:~$ show logging –follow |
Note: Truncated output is added here. |
|
Jul 21 19:04:59.164028 sonic INFO systemd[1]: rsyslog.service: Succeeded. |
|
|
Jul 21 19:04:59.164386 sonic INFO systemd[1]: Stopped System Logging Service. |
|
|
Jul 21 19:04:59.178349 sonic INFO systemd[1]: Starting System Logging Service... |
|
|
Jul 21 19:04:59.221866 sonic INFO rsyslogd: imuxsock: Acquired UNIX socket '/run /systemd/journal/syslog' (fd 3) from systemd. [v8.1901.0] |
|
The example below shows the commands used to configure an IPv6 SYSLOG server.
|
admin@sonic:~$ sudo config syslog add fddd:0:0:1::1 |
|
Syslog server fddd:0:0:1::1 added to configuration |
|
Restarting rsyslog-config service… |
|
root@sonic:/var/log# |
Delete SYSLOG
Follow the below steps to delete configured SYSLOG server parameters.
|
Step |
Command |
Description |
|---|---|---|
|
1 |
config syslog del <ip_address> |
Remove the SYSLOG server.
|
|
2 |
show logging [OPTIONS] [PROCESS] |
Display the currently stored log message.
|
|
3 |
sudo config save –y |
Optional: Save the current configuration to be part of the startup configuration. |
The example below shows the commands used to delete the SYSLOG server.
|
admin@sonic:~$ sudo config syslog del 192.168.86.24 |
|
|
Syslog server 192.168.86.24 removed from configuration |
|
|
Restarting rsyslog-config service... |
|
|
admin@sonic:~$ show logging –follow |
Note: Truncated output is added here. |
|
Jul 21 19:06:51.627399 sonic INFO dhclient[1633]: XMT: Solicit on eth0, interval 114510ms. |
|
|
Jul 21 19:06:54.788887 sonic INFO rsyslogd: [origin software="rsyslogd" swVersion="8.1901.0" x-pid="5744" x-info="https://www.rsyslog.com"] exiting on signal 15. |
|
|
Jul 21 19:06:54.794217 sonic INFO systemd[1]: Stopping System Logging Service... |
|
|
Jul 21 19:06:54.797112 sonic INFO systemd[1]: rsyslog.service: Succeeded. |
|
|
Jul 21 19:06:54.799299 sonic INFO systemd[1]: Stopped System Logging Service. |
|
|
Jul 21 19:06:54.813666 sonic INFO systemd[1]: Starting System Logging Service... |
|