syslog filter

Owned by Jean-luc KRIKER
Last updated: Jul 05, 2020
1 min read


https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/syslog-edit-system.html


To create a filter:

1- create the action / 

2- look for the log message ( show log message )

3- Optional: look for some help:   help syslog BFDD_TRAP_SHOP_STATE_UP

4- filter on deamon 





only bgp
only bfd




Regular expressionhttps://www.juniper.net/documentation/en_US/junos/topics/task/configuration/syslog-regular-expressions-usage-log-messages-refining.html

The match-strings statement performs a simple string comparison, and as a result, it is less CPU-intensive than using the 

match statement to match against complex regular expressions

match-strings
match-strings Matching string(s) for lines to be logged

{master:0}
root@QFX5100-1-RL102> show configuration system syslog host 172.30.92.117
authorization any;
daemon warning;
ntp any;
user any;
change-log any;
match-strings [ bfdd sshd mgd ];

{master:0}
root@QFX5100-1-RL102> show configuration system syslog host 172.30.92.117 | display set
set system syslog host 172.30.92.117 authorization any
set system syslog host 172.30.92.117 daemon warning
set system syslog host 172.30.92.117 ntp any
set system syslog host 172.30.92.117 user any
set system syslog host 172.30.92.117 change-log any
set system syslog host 172.30.92.117 match-strings bfdd
set system syslog host 172.30.92.117 match-strings sshd
set system syslog host 172.30.92.117 match-strings mgd


match<match> Regular expression for lines to be logged