System Logging Protocol (Syslog)
By default switch sends out syslog to syslog server with all severity levels.
Local syslog
All the messages are stored in the syslog file in /var/log. Users can view it by issuing the “sudo cat syslog” command.
This SONiC CLI command displays all the available log messages.
admin@sonic:~$ show loggingPlease use the -f or -follow flag to follow the live logging.
admin@sonic:~$ show logging --followRemote syslog server
Figure 1. Network topology
Prerequisite:
Check your network addresses and ensure connectivity between systems.
admin@sonic:~$ sudo config syslog add 192.168.0.1
Running command: systemctl reset-failed rsyslog-config rsyslog
Running command: systemctl restart rsyslog-configAdjust the severity level for the remote syslog server
The syslog configuration file location is /usr/share/sonic/templates/rsyslog.conf.j2
| Value | Severity | Keyword |
|---|---|---|
| 0 | Emergency | emerg |
| 1 | Alert | alert |
| 2 | Critical | crit |
| 3 | Error | err |
| 4 | Warning | warning |
| 5 | Notice | notice |
| 6 | Informational | info |
| 7 | Debug | debug |
Notice and below (levels 0 ~ 5)
admin@sonic:~$ sudo vi /usr/share/sonic/templates/rsyslog.conf.j2
{ % for server in SYSLOG_SERVER % }
*.notice @{{ server }}:514;SONiCFileFormat
{ % endfor % }Only error level (level 3).
admin@sonic:~$ sudo vi /usr/share/sonic/templates/rsyslog.conf.j2
{% for server in SYSLOG_SERVER %}
*.=error @{{ server }}:514;SONiCFileFormat
{% endfor %}All severity levels except warnings (levels 0 ~ 7 except 4).
admin@sonic:~$ sudo vi /usr/share/sonic/templates/rsyslog.conf.j2
{% for server in SYSLOG_SERVER %}
*.debug;*.!=warning @{{ server }}:514;SONiCFileFormat
{% endfor %}Restart syslog service:
admin@sonic:~$ sudo systemctl restart rsyslog-config