Per default VyOSs has minimal syslog logging enabled which is stored and rotated locally. Errors will be always logged to a local file, which includes local7 error messages, emergency messages will be sent to the console, too.
To configure syslog, you need to switch into configuration mode.
Syslog supports logging to multiple targets, those targets could be a plain file on your VyOS installation itself, a serial console or a remote syslog server which is reached via IP UDP/TCP.
Logging to a remote host leaves the local logging configuration intact, it can be configured in parallel to a custom file or console logging. You can log to multiple hosts at the same time, using either TCP or UDP. The default is sending the messages via port 514/UDP.
Local User Account¶
List of facilities used by syslog. Most facilities names are self explanatory. Facilities local0 - local7 common usage is f.e. as network logs facilities for nodes and network equipment. Generally it depends on the situation how to classify logs and put them to facilities. See facilities more as a tool rather than a directive to follow.
Facilities can be adjusted to meet the needs of the user:
|5||syslog||Messages generated internally by syslogd|
|6||lpr||Line printer subsystem|
|7||news||Network news subsystem|
|15||clock||clock daemon (note 2)|
|16||local0||local use 0 (local0)|
|17||local1||local use 1 (local1)|
|18||local2||local use 2 (local2)|
|19||local3||local use 3 (local3)|
|20||local4||local use 4 (local4)|
|21||local5||local use 5 (local5)|
|22||local6||use 6 (local6)|
|23||local7||local use 7 (local7)|
|0||Emergency||emerg||System is unusable - a panic condition|
|1||Alert||alert||Action must be taken immediately - A condition that should be corrected immediately, such as a corrupted system database.|
|2||Critical||crit||Critical conditions - e.g. hard drive errors.|
|5||Notice||notice||Normal but significant conditions - conditions that are not error conditions, but that may require special handling.|
|7||Debug||debug||Debug-level messages - Messages that contain information normally of use only when debugging a program.|
If no option is specified, this defaults to all.
Log messages from a specified image can be displayed on the console. Details of allowed parameters:
|all||Display contents of all master log files of the specified image|
|authorization||Display all authorization attempts of the specified image|
|directory||Display list of all user-defined log files of the specified image|
|file <file name>||Display contents of a specified user-defined log file of the specified image|
|tail||Display last lines of the system log of the specified image|
|<lines>||Number of lines to be displayed, default 10|
When no options/parameters are used, the contents of the main syslog file are displayed.
show log | strip-private if you want to hide private data
when sharing your logs.
Deletes the specified user-defined file <text> in the /var/log/user directory
Note that deleting the log file does not stop the system from logging events. If you use this command while the system is logging events, old log events will be deleted, but events after the delete operation will be recorded in the new file. To delete the file altogether, first delete logging to the file using system syslog Custom File command, and then delete the file.