By default switch sends out syslog to syslog server with all severity levels.
All the messages are stored in the syslog file in /var/log. Users can view it by issuing the “sudo cat syslog” command.
This SONiC CLI command displays all the available log messages.
admin@sonic:~$ show logging
Please use the -f or -follow flag to follow the live logging.
admin@sonic:~$ show logging --follow
Figure 1. Network topology
Prerequisite:
Check your network addresses and ensure connectivity between systems.
admin@sonic:~$ sudo config syslog add 192.168.0.1
Running command: systemctl reset-failed rsyslog-config rsyslog
Running command: systemctl restart rsyslog-config
The syslog configuration file location is /usr/share/sonic/templates/rsyslog.conf.j2
Value | Severity | Keyword |
---|---|---|
0 | Emergency | emerg |
1 | Alert | alert |
2 | Critical | crit |
3 | Error | err |
4 | Warning | warning |
5 | Notice | notice |
6 | Informational | info |
7 | Debug | debug |
Notice and below (levels 0 ~ 5)
admin@sonic:~$ sudo vi /usr/share/sonic/templates/rsyslog.conf.j2
{ % for server in SYSLOG_SERVER % }
*.notice @{{ server }}:514;SONiCFileFormat
{ % endfor % }
Only error level (level 3).
admin@sonic:~$ sudo vi /usr/share/sonic/templates/rsyslog.conf.j2
{% for server in SYSLOG_SERVER %}
*.=error @{{ server }}:514;SONiCFileFormat
{% endfor %}
All severity levels except warnings (levels 0 ~ 7 except 4).
admin@sonic:~$ sudo vi /usr/share/sonic/templates/rsyslog.conf.j2
{% for server in SYSLOG_SERVER %}
*.debug;*.!=warning @{{ server }}:514;SONiCFileFormat
{% endfor %}
Restart syslog service:
admin@sonic:~$ sudo systemctl restart rsyslog-config