Switching

 View Only
last person joined: 3 days ago 

Ask questions and share experiences about EX and QFX portfolios and all switching solutions across your data center, campus, and branch locations.
  • 1.  logs

     
    Posted 10-03-2019 17:06

    Hi all,

    After performing the followings, 

                    ex4200>request system storage cleanup dry-run

                    ex4200>request system storage cleanup

     

    1-) >show log messages--------> Why does it give the following error.
                         error: could not resolve file: messages

     

    2-) >show log interactive-commands ----->Working. It gives logs....no problem. All good

     

    3-) >show log default-log-messages------------>Why it gives the following?
                   Oct 3 17:04:21 EX_4200 newsyslog[66983]: logfile turned over due to -F request

     

    4-) According to the current syslog, which are logs sending to the log Server?

     

    5-) Some syslog config under the groups, some under the system stanza. See below pls. Which one is not correct? Why can syslog be at the different stanzas?

     

    The current config:

     

    set groups SYSTEM1 system syslog user * any emergency
    set groups SYSTEM1 system syslog host 10.10.30.100 any emergency
    set groups SYSTEM1 system syslog host 10.10.30.100 authorization info
    set groups SYSTEM1 system syslog host 10.10.30.100 firewall any
    set groups SYSTEM1 system syslog host 10.10.30.1000 interactive-commands info
    set groups SYSTEM1 system syslog file messages any notice
    set groups SYSTEM1 system syslog file messages authorization info
    set groups SYSTEM1 system syslog file interactive-commands interactive-commands any
    set groups SYSTEM1 system syslog file emergency any emergency
    set groups SYSTEM1 system syslog file firewall firewall notice
    set groups SYSTEM1 system syslog file default-log-messages any any
    set groups SYSTEM1 system syslog file default-log-messages structured-data
    set groups SYSTEM1 system syslog file authorization authorization any
    set system syslog file default-log-messages any any
    set system syslog file default-log-messages match "(FRU Offline)|(FRU Online)|(FRU insertion)|(FRU power)|(FRU removal)|(commit complete)|(copying configuration to juniper.save)|(license add)|(license delete)|(link UP)|(package -X delete)|(package -X update)|(plugged in)|(requested 'commit synchronize' operation)|(requested 'commit' operation)|(unplugged)|Transferred|ifAdminStatus|transfer-file|transitioned|(Backup changed)|(Backup detected)|(Master Changed, Members Changed)|(Master Detected, Members Changed)|(Master Unchanged, Members Changed)|(Master changed)|(Master detected)|(interface vcp-)|(vc add)|(vc delete)|cm_device|(AIS_DATA_AVAILABLE)"
    set system syslog file default-log-messages structured-data

    set system apply-groups SYSTEM1
     file list /var/log/ detail
    
    /var/log/:
    total blocks: 3436
    -rw-r--r--  1 root  wheel          0 Mar 4   2018 authd_libstats
    -rw-r--r--  1 root  wheel          0 Mar 4   2018 authd_profilelib
    -rw-r--r--  1 root  wheel          0 Mar 4   2018 authd_sdb.log
    -rw-rw----  1 root  wheel      73854 Oct 4  09:50 authorization
    -rw-rw----  1 root  wheel       4306 Oct 4  09:00 authorization.0.gz
    -rw-rw----  1 root  wheel       3948 Oct 4  07:00 authorization.1.gz
    -rw-rw----  1 root  wheel       4022 Oct 4  05:15 authorization.2.gz
    -rw-rw----  1 root  wheel       4258 Oct 4  03:30 authorization.3.gz
    -rw-rw----  1 root  wheel       4049 Oct 4  01:45 authorization.4.gz
    -rw-rw----  1 root  wheel       4772 Oct 4  00:00 authorization.5.gz
    -rw-rw----  1 root  wheel       4057 Oct 3  20:45 authorization.6.gz
    -rw-rw----  1 root  wheel       4378 Oct 3  19:00 authorization.7.gz
    -rw-rw----  1 root  wheel        324 Oct 3  17:04 authorization.8.gz
    -rw-r-----  1 root  wheel      44088 Oct 4  09:08 chassisd
    -rw-r--r--  1 root  wheel     141950 Jul 10 22:53 cosd
    -rw-r-----  1 root  wheel     219711 Oct 3  10:38 dcd
    -rw-rw----  1 root  wheel         84 Oct 3  17:04 default-log-messages
    -rw-rw----  1 root  wheel        138 Oct 3  17:04 default-log-messages.0.gz
    -rw-r--r--  1 root  wheel          0 Mar 4   2018 dfwc
    -rw-r--r--  1 root  wheel     122540 Oct 4  09:50 dhcp
    -rw-r--r--  1 root  wheel       6501 Oct 4  09:34 dhcp.0.gz
    -rw-r--r--  1 root  wheel       6489 Oct 4  09:17 dhcp.1.gz
    -rw-r-----  1 root  wheel          0 Mar 4   2018 eccd
    -rw-rw----  1 root  wheel         84 Oct 3  17:04 emergency
    -rw-rw----  1 root  wheel        127 Oct 3  17:04 emergency.0.gz
    -rw-r-----  1 root  wheel     950465 Oct 4  03:26 erp-default
    drwxrwxr-x  2 ext   ext          512 Mar 4   2018 ext/
    -rw-rw----  1 root  wheel         84 Oct 3  17:04 firewall
    -rw-rw----  1 root  wheel        126 Oct 3  17:04 firewall.0.gz
    drwxrwxrwt  3 root  wheel        512 Mar 4   2018 flowc/
    drwxrwxrwt  3 root  wheel        512 Mar 4   2018 ggsn/
    -rw-r--r--  1 root  wheel      11710 Jul 10 22:53 gres-tp
    -rw-r--r--  1 root  wheel       2790 Jul 10 22:53 httpd.log
    -rw-rw----  1 root  wheel       7271 Oct 4  09:50 interactive-commands
    -rw-rw----  1 root  wheel        805 Oct 3  17:04 interactive-commands.0.gz
    -rw-r-----  1 root  wheel       7130 Jul 10 22:53 inventory
    -rw-r-----  1 root  wheel          0 Mar 4   2018 license
    -rw-r--r--  1 root  wheel       6220 Jul 10 22:53 license_subs_trace.log
    -rw-r-----  1 root  wheel       1370 Jul 10 22:53 mastership
    -rw-r--r--  1 root  wheel        480 Jul 10 22:51 pgmd
    -rw-r--r--  1 root  wheel       5080 Jul 10 23:01 snapshot
    -rw-rw-r--  1 root  wheel       4616 Oct 4  09:25 wtmp
    -rw-rw-r--  1 root  wheel         27 Oct 3  17:01 wtmp.0.gz
    total files: 40
    
    {master:0}
    

     

     



  • 2.  RE: logs
    Best Answer

     
    Posted 10-03-2019 20:51

     

    perform "commit | display detail"

    check show log messages  & show log default-log-messages then.

     

    if that doesn't help, try commit full | display detail and check.

     

    for group, you have SYSTEM1 group applied, logs should go to the configured hosts and you haven't configured a host in the default. Matching ones from group to default is mapped. I would  suggest to have syslog conf in either default or group, not both to aviod confusion.

     

     

     

     



  • 3.  RE: logs

     
    Posted 10-03-2019 23:38

    Hi, thanks for reply.

    I am not sure which one of the following commands fixed the problem. After the first executing the command -#commit | display detail, I couldn't do this >show log messages. I just looked at the output and couldn't see related things, I then execute the second command -#commit full | display detail... I then did >show log messages. I saw that the problem fixed....

    log messages  and others startted logging.....

    CAn I ask please, where exaclty to see the problem is fixing in the outputs these two commands? And what these two commands are doing?

     

    # commit | display detail
    error: tacplus accounting configured, but no servers provided
    2019-10-04 16:01:43 EST: start loading commit script changes
    2019-10-04 16:01:43 EST: no commit script changes
    2019-10-04 16:01:43 EST: no transient commit script changes
    2019-10-04 16:01:43 EST: finished loading commit script changes
    2019-10-04 16:01:43 EST: copying juniper.db to juniper.data+
    2019-10-04 16:01:43 EST: finished copying juniper.db to juniper.data+
    2019-10-04 16:01:43 EST: exporting juniper.conf
    2019-10-04 16:01:44 EST: expanding interface-ranges
    2019-10-04 16:01:44 EST: finished expanding interface-ranges
    2019-10-04 16:01:44 EST: expanding groups
    2019-10-04 16:01:44 EST: finished expanding groups
    2019-10-04 16:01:44 EST: setup foreign files
    2019-10-04 16:01:44 EST: update license counters
    2019-10-04 16:01:44 EST: finish license counters
    2019-10-04 16:01:44 EST: propagating foreign files
    2019-10-04 16:01:45 EST: complete foreign files
    2019-10-04 16:01:45 EST: dropping unchanged foreign files
    2019-10-04 16:01:45 EST: executing 'ffp propagate'
    2019-10-04 16:01:47 EST: daemons checking new configuration
    configuration check succeeds
    2019-10-04 16:01:47 EST: executing 'ffp synchronize'
    2019-10-04 16:01:47 EST: commit wrapup...
    2019-10-04 16:01:47 EST: start ffp activate
    2019-10-04 16:01:47 EST: executing 'ffp activate'
    2019-10-04 16:01:48 EST: activating '/var/etc/pam.conf'
    2019-10-04 16:01:48 EST: activating '/var/etc/pam_radius.conf'
    2019-10-04 16:01:48 EST: activating '/var/etc/pam_tacplus.conf'
    2019-10-04 16:01:48 EST: activating '/var/etc/certs'
    2019-10-04 16:01:48 EST: executing foreign_commands
    2019-10-04 16:01:48 EST: /bin/sh /etc/rc.ui ui_setup_users (sh)
    2019-10-04 16:01:49 EST: not executing ui_commit in rc.ui
    2019-10-04 16:01:49 EST: finish ffp activate
    2019-10-04 16:01:49 EST: copying configuration to juniper.save
    2019-10-04 16:01:49 EST: db_check_constraint_ids_clear start
    2019-10-04 16:01:49 EST: db_check_constraint_ids_clear done
    2019-10-04 16:01:49 EST: db_groups_info_clear start
    2019-10-04 16:01:49 EST: db_groups_info_clear done
    2019-10-04 16:01:49 EST: activating '/var/run/db/juniper.data'
    2019-10-04 16:01:49 EST: Rotate backup configs
    2019-10-04 16:01:49 EST: ssync begins
    2019-10-04 16:01:49 EST: ssync ends
    2019-10-04 16:01:49 EST: notifying daemons of new configuration
    2019-10-04 16:01:50 EST: ssync begins
    2019-10-04 16:01:51 EST: ssync ends
    2019-10-04 16:01:51 EST: commit complete
    commit complete


    # commit full | display detail
    error: tacplus accounting configured, but no servers provided
    2019-10-04 16:05:09 EST: start loading commit script changes
    2019-10-04 16:05:09 EST: no commit script changes
    2019-10-04 16:05:09 EST: no transient commit script changes
    2019-10-04 16:05:09 EST: finished loading commit script changes
    2019-10-04 16:05:09 EST: copying juniper.db to juniper.data+
    2019-10-04 16:05:09 EST: finished copying juniper.db to juniper.data+
    2019-10-04 16:05:09 EST: exporting juniper.conf
    2019-10-04 16:05:10 EST: expanding interface-ranges
    2019-10-04 16:05:10 EST: finished expanding interface-ranges
    2019-10-04 16:05:10 EST: expanding groups
    2019-10-04 16:05:10 EST: finished expanding groups
    2019-10-04 16:05:10 EST: setup foreign files
    2019-10-04 16:05:10 EST: update license counters
    2019-10-04 16:05:10 EST: finish license counters
    2019-10-04 16:05:10 EST: propagating foreign files
    2019-10-04 16:05:12 EST: complete foreign files
    2019-10-04 16:05:12 EST: dropping unchanged foreign files
    2019-10-04 16:05:12 EST: executing 'ffp propagate'
    2019-10-04 16:05:14 EST: daemons checking new configuration
    error: tacplus accounting configured, but no servers provided
    2019-10-04 16:05:14 EST: Routing protocols process checking new configuration
    2019-10-04 16:05:15 EST: Init daemon checking new configuration
    2019-10-04 16:05:15 EST: Chassis control process checking new configuration
    2019-10-04 16:05:15 EST: Booting daemon checking new configuration
    2019-10-04 16:05:15 EST: Firewall process checking new configuration
    2019-10-04 16:05:17 EST: Interface control process checking new configuration
    2019-10-04 16:05:17 EST: Simple Network Management Protocol process checking new configuration
    2019-10-04 16:05:18 EST: Management Information Base II process checking new configuration
    2019-10-04 16:05:18 EST: Virtual Router Redundancy Protocol process checking new configuration
    2019-10-04 16:05:19 EST: Alarm control process checking new configuration
    2019-10-04 16:05:19 EST: Packet Forwarding Engine statistics management process checking new configuration
    2019-10-04 16:05:20 EST: Remote operations process checking new configuration
    2019-10-04 16:05:20 EST: Class-of-service process checking new configuration
    2019-10-04 16:05:21 EST: Port forwarding process checking new configuration
    2019-10-04 16:05:22 EST: Web management gatekeeper process checking new configuration
    2019-10-04 16:05:22 EST: Dynamic Host Configuration Protocol process checking new configuration
    2019-10-04 16:05:22 EST: Redundancy interface management process checking new configuration
    2019-10-04 16:05:22 EST: Link Aggregation Control Protocol process checking new configuration
    2019-10-04 16:05:23 EST: Tunnel OAM process checking new configuration
    2019-10-04 16:05:23 EST: Connectivity fault management process checking new configuration
    2019-10-04 16:05:23 EST: Junos Dynamic Host Configuration Protocol process checking new configuration
    2019-10-04 16:05:24 EST: General authentication process checking new configuration
    2019-10-04 16:05:24 EST: Process health monitor checking new configuration
    2019-10-04 16:05:24 EST: Database Replication process checking new configuration
    2019-10-04 16:05:25 EST: Resource cleanup process checking new configuration
    2019-10-04 16:05:25 EST: Shared memory routing socket message database process checking new configuration
    2019-10-04 16:05:25 EST: Subscriber management process checking new configuration
    2019-10-04 16:05:25 EST: PFE relay process checking new configuration
    2019-10-04 16:05:25 EST: Unified access control daemon checking new configuration
    2019-10-04 16:05:26 EST: IPSec Key Management daemon checking new configuration
    2019-10-04 16:05:26 EST: PKI service daemon checking new configuration
    2019-10-04 16:05:27 EST: Secure Neighbor Discovery Protocol process checking new configuration
    2019-10-04 16:05:27 EST: Virtual Chassis Control Protocol checking new configuration
    2019-10-04 16:05:27 EST: Chassis Manager checking new configuration
    2019-10-04 16:05:28 EST: Link Layer Discovery Protocol checking new configuration
    2019-10-04 16:05:28 EST: Ethernet Switching Process checking new configuration
    2019-10-04 16:05:28 EST: Port based Network Access Control checking new configuration
    2019-10-04 16:05:29 EST: Flow Sampling (Sflow) Daemon checking new configuration
    2019-10-04 16:05:30 EST: Autoinstallation process checking new configuration
    2019-10-04 16:05:30 EST: Connectivity fault management process checking new configuration
    2019-10-04 16:05:30 EST: Uplink failure detection process checking new configuration
    2019-10-04 16:05:31 EST: PKI service daemon checking new configuration
    2019-10-04 16:05:31 EST: Link management process checking new configuration
    2019-10-04 16:05:31 EST: Logical system multiplexer process checking new configuration
    2019-10-04 16:05:31 EST: Process used for testing libjtask functions checking new configuration
    2019-10-04 16:05:31 EST: Pragmatic General Multicast process checking new configuration
    2019-10-04 16:05:31 EST: Bidirectional Forwarding Detection process checking new configuration
    2019-10-04 16:05:31 EST: Service Deployment System (SDX) process checking new configuration
    2019-10-04 16:05:32 EST: Audit process checking new configuration
    2019-10-04 16:05:32 EST: Layer 2 address flooding and learning process checking new configuration
    2019-10-04 16:05:32 EST: Event processing process checking new configuration
    2019-10-04 16:05:32 EST: Multicast Snooping process checking new configuration
    2019-10-04 16:05:32 EST: Hostname to IP-address caching process checking new configuration
    configuration check succeeds
    2019-10-04 16:05:33 EST: executing 'ffp synchronize'
    2019-10-04 16:05:33 EST: commit wrapup...
    2019-10-04 16:05:33 EST: activating '/var/etc/init.inc'
    2019-10-04 16:05:33 EST: activating '/var/etc/ntp.conf'
    2019-10-04 16:05:33 EST: activating '/var/etc/bootpd.conf'
    2019-10-04 16:05:33 EST: activating '/var/etc/cosd.conf'
    2019-10-04 16:05:33 EST: start ffp activate
    2019-10-04 16:05:33 EST: executing 'ffp activate'
    2019-10-04 16:05:33 EST: activating '/var/etc/master.passwd'
    2019-10-04 16:05:33 EST: activating '/var/etc/inetd.conf'
    2019-10-04 16:05:33 EST: activating '/var/etc/rc.conf.inc'
    2019-10-04 16:05:33 EST: activating '/var/etc/keyadmin.conf'
    2019-10-04 16:05:33 EST: activating '/var/etc/sysids'
    2019-10-04 16:05:33 EST: activating '/var/etc/login.conf'
    2019-10-04 16:05:33 EST: activating '/var/etc/ttys'
    2019-10-04 16:05:33 EST: activating '/var/etc/resolv.conf'
    2019-10-04 16:05:33 EST: activating '/var/etc/hosts'
    2019-10-04 16:05:33 EST: activating '/var/etc/group'
    2019-10-04 16:05:33 EST: activating '/var/etc/ntp.keys'
    2019-10-04 16:05:33 EST: activating '/var/etc/newsyslog.conf'
    2019-10-04 16:05:33 EST: activating '/var/etc/pam.conf'
    2019-10-04 16:05:33 EST: activating '/var/etc/pam_radius.conf'
    2019-10-04 16:05:33 EST: activating '/var/etc/pam_tacplus.conf'
    2019-10-04 16:05:34 EST: activating '/var/etc/ifinfo.conf'
    2019-10-04 16:05:34 EST: activating '/var/etc/issue'
    2019-10-04 16:05:34 EST: activating '/var/etc/sshd_conf'
    2019-10-04 16:05:34 EST: activating '/var/etc/ssh_config'
    2019-10-04 16:05:34 EST: activating '/var/etc/certs'
    2019-10-04 16:05:34 EST: activating '/var/etc/motd'
    2019-10-04 16:05:34 EST: activating '/var/etc/tzset'
    2019-10-04 16:05:34 EST: activating '/var/etc/cosd.conf.id'
    2019-10-04 16:05:34 EST: activating '/var/etc/named.conf'
    2019-10-04 16:05:34 EST: activating '/var/etc/crontab'
    2019-10-04 16:05:34 EST: activating '/var/etc/ifmdata.conf'
    2019-10-04 16:05:34 EST: executing foreign_commands
    2019-10-04 16:05:34 EST: /bin/sh /etc/rc.ui ui_setup_users (sh)
    2019-10-04 16:05:35 EST: executing ui_commit in rc.ui
    2019-10-04 16:05:45 EST: finish ffp activate
    2019-10-04 16:05:45 EST: copying configuration to juniper.save
    2019-10-04 16:05:45 EST: db_check_constraint_ids_clear start
    2019-10-04 16:05:45 EST: db_check_constraint_ids_clear done
    2019-10-04 16:05:45 EST: db_groups_info_clear start
    2019-10-04 16:05:45 EST: db_groups_info_clear done
    2019-10-04 16:05:45 EST: activating '/var/run/db/juniper.data'
    2019-10-04 16:05:45 EST: Rotate backup configs
    2019-10-04 16:05:45 EST: ssync begins
    2019-10-04 16:05:45 EST: ssync ends
    2019-10-04 16:05:45 EST: notifying daemons of new configuration
    2019-10-04 16:05:45 EST: notifying none(0)
    2019-10-04 16:05:46 EST: cannot signal 'None process', signal 1, no pid
    2019-10-04 16:05:46 EST: notifying mgd(1)
    2019-10-04 16:05:46 EST: signaling 'Management process', pid 1244, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:46 EST: notifying rpd(2)
    2019-10-04 16:05:46 EST: signaling 'Routing protocols process', pid 1269, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:46 EST: notifying cli(3)
    2019-10-04 16:05:46 EST: cannot signal 'Command-line interface', signal 1, no pid
    2019-10-04 16:05:46 EST: notifying init(4)
    2019-10-04 16:05:47 EST: signaling 'Init daemon', pid 1, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:47 EST: notifying chassisd(5)
    2019-10-04 16:05:47 EST: signaling 'Chassis control process', pid 1260, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:47 EST: notifying xntpd(6)
    2019-10-04 16:05:47 EST: signaling 'Network time process', pid 1265, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:47 EST: notifying bootpd(7)
    2019-10-04 16:05:47 EST: cannot signal 'Booting daemon', signal 1, no pid
    2019-10-04 16:05:47 EST: notifying dfwd(8)
    2019-10-04 16:05:47 EST: signaling 'Firewall process', pid 1275, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:47 EST: notifying dcd(9)
    2019-10-04 16:05:48 EST: signaling 'Interface control process', pid 1259, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:48 EST: notifying snmpd(10)
    2019-10-04 16:05:48 EST: signaling 'Simple Network Management Protocol process', pid 1267, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:48 EST: notifying mib2d(11)
    2019-10-04 16:05:48 EST: signaling 'Management Information Base II process', pid 1268, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:48 EST: notifying vrrpd(12)
    2019-10-04 16:05:48 EST: cannot signal 'Virtual Router Redundancy Protocol process', signal 1, no pid
    2019-10-04 16:05:48 EST: notifying alarmd(13)
    2019-10-04 16:05:48 EST: signaling 'Alarm control process', pid 1261, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:48 EST: notifying pfed(14)
    2019-10-04 16:05:48 EST: signaling 'Packet Forwarding Engine statistics management process', pid 1271, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:48 EST: notifying rmopd(15)
    2019-10-04 16:05:48 EST: signaling 'Remote operations process', pid 1272, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:48 EST: notifying cosd(16)
    2019-10-04 16:05:48 EST: signaling 'Class-of-service process', pid 1273, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:48 EST: notifying fud(17)
    2019-10-04 16:05:48 EST: cannot signal 'Port forwarding process', signal 1, no pid
    2019-10-04 16:05:48 EST: notifying ksyncd(18)
    2019-10-04 16:05:48 EST: cannot signal 'Kernel replication process', signal 1, no pid
    2019-10-04 16:05:48 EST: notifying inetd(19)
    2019-10-04 16:05:49 EST: signaling 'Inet process', pid 1245, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:49 EST: notifying httpd-gk(20)
    2019-10-04 16:05:49 EST: signaling 'Web management gatekeeper process', pid 1285, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:49 EST: notifying dhcpd(21)
    2019-10-04 16:05:49 EST: signaling 'Dynamic Host Configuration Protocol process', pid 1278, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:49 EST: notifying rdd(22)
    2019-10-04 16:05:49 EST: signaling 'Redundancy interface management process', pid 1281, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:49 EST: notifying lacpd(23)
    2019-10-04 16:05:49 EST: cannot signal 'Link Aggregation Control Protocol process', signal 1, no pid
    2019-10-04 16:05:49 EST: notifying lfmd(24)
    2019-10-04 16:05:49 EST: signaling 'Ethernet OAM Link-Fault-Management process', pid 1263, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:49 EST: notifying cfmd(27)
    2019-10-04 16:05:49 EST: signaling 'Connectivity fault management process', pid 1264, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:49 EST: notifying jdhcpd(28)
    2019-10-04 16:05:49 EST: cannot signal 'Junos Dynamic Host Configuration Protocol process', signal 1, no pid
    2019-10-04 16:05:49 EST: notifying ssd(29)
    2019-10-04 16:05:49 EST: cannot signal 'SDK Service Daemon', signal 1, no pid
    2019-10-04 16:05:49 EST: notifying authd(30)
    2019-10-04 16:05:49 EST: cannot signal 'General authentication process', signal 1, no pid
    2019-10-04 16:05:49 EST: notifying mountd(31)
    2019-10-04 16:05:49 EST: cannot signal 'Service for NFS mounts requests', signal 1, no pid
    2019-10-04 16:05:49 EST: notifying pmond(32)
    2019-10-04 16:05:49 EST: cannot signal 'Process health monitor', signal 1, no pid
    2019-10-04 16:05:49 EST: notifying bdbrepd(33)
    2019-10-04 16:05:49 EST: signaling 'Database Replication process', pid 1280, signal 1, status 0 with notification errors disabled
    2019-10-04 16:05:49 EST: notifying res-cleanupd(34)
    2019-10-04 16:05:49 EST: cannot signal 'Resource cleanup process', signal 1, no pid
    2019-10-04 16:05:49 EST: notifying shm-rtsdbd(35)
    2019-10-04 16:05:49 EST: signaling 'Shared memory routing socket message database process', pid 1284, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:49 EST: notifying datapath-traced(36)
    2019-10-04 16:05:49 EST: cannot signal 'DATAPATH Trace process', signal 1, no pid
    2019-10-04 16:05:49 EST: notifying smid(37)
    2019-10-04 16:05:49 EST: signaling 'Subscriber management process', pid 1279, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:49 EST: notifying uacd(40)
    2019-10-04 16:05:49 EST: cannot signal 'Unified access control daemon', signal 1, no pid
    2019-10-04 16:05:49 EST: notifying kmd(41)
    2019-10-04 16:05:49 EST: cannot signal 'IPSec Key Management daemon', signal 1, no pid
    2019-10-04 16:05:49 EST: notifying pkid(42)
    2019-10-04 16:05:49 EST: signaling 'PKI service daemon', pid 1286, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:49 EST: notifying sendd(43)
    2019-10-04 16:05:49 EST: signaling 'Secure Neighbor Discovery Protocol process', pid 1283, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:49 EST: notifying vccpd(44)
    2019-10-04 16:05:50 EST: signaling 'Virtual Chassis Control Protocol', pid 1249, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:50 EST: notifying chassism(45)
    2019-10-04 16:05:50 EST: signaling 'Chassis Manager', pid 1247, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:50 EST: notifying lldpd(47)
    2019-10-04 16:05:50 EST: signaling 'Link Layer Discovery Protocol', pid 1288, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:50 EST: notifying lfmd(48)
    2019-10-04 16:05:50 EST: signaling 'Ethernet OAM Link-Fault-Management process', pid 1263, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:50 EST: notifying eswd(49)
    2019-10-04 16:05:50 EST: signaling 'Ethernet Switching Process', pid 1258, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:50 EST: notifying dot1xd(50)
    2019-10-04 16:05:50 EST: cannot signal 'Port based Network Access Control', signal 1, no pid
    2019-10-04 16:05:50 EST: notifying sflowd(51)
    2019-10-04 16:05:50 EST: signaling 'Flow Sampling (Sflow) Daemon', pid 1290, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:50 EST: notifying autod(52)
    2019-10-04 16:05:50 EST: cannot signal 'Autoinstallation process', signal 1, no pid
    2019-10-04 16:05:50 EST: notifying cfmd(53)
    2019-10-04 16:05:50 EST: signaling 'Connectivity fault management process', pid 1264, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:50 EST: notifying ufdd(54)
    2019-10-04 16:05:50 EST: cannot signal 'Uplink failure detection process', signal 1, no pid
    2019-10-04 16:05:50 EST: notifying pkid(55)
    2019-10-04 16:05:50 EST: signaling 'PKI service daemon', pid 1286, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:50 EST: notifying ppmd(56)
    2019-10-04 16:05:50 EST: signaling 'Periodic packet management process', pid 1274, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:50 EST: notifying lrmuxd(58)
    2019-10-04 16:05:50 EST: cannot signal 'Logical system multiplexer process', signal 1, no pid
    2019-10-04 16:05:50 EST: notifying pgmd(60)
    2019-10-04 16:05:50 EST: cannot signal 'Pragmatic General Multicast process', signal 1, no pid
    2019-10-04 16:05:50 EST: notifying bfdd(61)
    2019-10-04 16:05:50 EST: signaling 'Bidirectional Forwarding Detection process', pid 1276, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:50 EST: notifying sdxd(62)
    2019-10-04 16:05:50 EST: cannot signal 'Service Deployment System (SDX) process', signal 1, no pid
    2019-10-04 16:05:50 EST: notifying auditd(63)
    2019-10-04 16:05:50 EST: signaling 'Audit process', pid 1282, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:50 EST: notifying eventd(65)
    2019-10-04 16:05:50 EST: signaling 'Event processing process', pid 876, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:50 EST: notifying mcsnoopd(66)
    2019-10-04 16:05:51 EST: signaling 'Multicast Snooping process', pid 1291, signal 1, status 0 with notification errors enabled
    2019-10-04 16:05:51 EST: notifying license-check(68)
    2019-10-04 16:05:51 EST: signaling 'Feature license management process', pid 1292, signal 1, status 0 with notification errors enabled
    error: tacplus accounting configured, but no servers provided
    2019-10-04 16:05:51 EST: ssync begins
    2019-10-04 16:05:52 EST: ssync ends
    2019-10-04 16:05:52 EST: commit complete
    commit complete

    The second thing is  that you relied "for group, you have SYSTEM1 group applied, logs should go to the configured hosts and you haven't configured a host in the default. Matching ones from group to default is mapped. I would  suggest to have syslog conf in either default or group, not both to aviod confusion."

     

    Can you please explain this more, I couldn't get your point...Can you provide which conf should be deleted if there is a duplicated same config or avoiding confusion?

     

    Thanks,

     

     

     



  • 4.  RE: logs

     
    Posted 10-03-2019 23:43

    The commit full basically respawns the conf to process/daemon. in case if you previous deleted the all messages files, the show log messages output will error out. thus one or two commits triggers spawns and file is generated.

     

    regarding the syslogs in group, remove that conf from group stanza and put it in the default.

    or if you really require group, move all of syslog conf to group to aviod confusion/duplication.

     

     

     



  • 5.  RE: logs

     
    Posted 10-03-2019 23:35

    1-) >show log messages--------> Why does it give the following error.
                         error: could not resolve file: messages

    Ans : This is expected becuase there is not message log file created yet 

     

    2-) >show log interactive-commands show log interactive-commands ----->Working. It gives logs....no problem. All good

     

    ANS : This is showing because, there is "interactive-commands" file created 

     

    3-) >show log default-log-messages------------>Why it gives the following?
                   Oct 3 17:04:21 EX_4200 newsyslog[66983]: logfile turned over due to -F request

     

    ANS: This log is coming becuase log file got rolled and while you checking that output

     

    4-) According to the current syslog, which are logs sending to the log Server?

     

    ANS: As per the config you shared ,These are the logs send to syslog server now 

     

    set groups SYSTEM1 system syslog host 10.10.130.100 any emergency
    set groups SYSTEM1 system syslog host 10.10.130.100 authorization info
    set groups SYSTEM1 system syslog host 10.10.130.100 firewall any
    set groups SYSTEM1 system syslog host 10.10.130.1000 interactive-commands info

     

    5-) Some syslog config under the groups, some under the system stanza. See below pls. Which one is not correct? Why can syslog be different stanzas?

     

    ANS:  here defualt-log-message file is configured to get the "structured-data" both the configuration are correct 

     

    You may refer this link for explaination of "structured-data"

    https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/syslog-message-structured-data-format-qfx-series-.html

     

    Thank you

    Prabin