log – a family of commands for managing the logging system

log syslog

Go to the settings menu for sending logs to a remote server.

log syslog> address <ip-address>

Set IP address of the remote server.

log syslog> port <port>

Set port of the remote server.

log syslog> protocol (tcp|udp|tls)

Set protocol of the remote server.

log syslog> ca-bundle (path)

Specify the path to the certificate file to upload it to syslog-ng.

log syslog> enabled

Start service for sending logs to remote server.

log syslog> no enabled

Stop service for sending logs to remote server.

log syslog> exit

Exit log export configuration menu.

log level

Go to logging level settings for subsystems.

log level dataplane (critical|debug|error|info|off|trace|warning)

Set logging level for the data plane.

log level management (critical|debug|error|info|off|trace|warning)

Set logging level for the management plane.

log level security (critical|debug|error|info|off|trace|warning)

Set logging level for the security plane.

log level control-plane (critical|debug|error|info|off|trace|warning)

Set logging level for the routing protocols log.

log level dpdk (critical|debug|error|info|off|trace|warning)

Set logging level for the DPDK subsystem.

log level cluster (critical|debug|error|info|off|trace|warning)

Set logging level for the entire cluster subsystem (see the failover family of commands).

show log level

Show logging levels of subsystems. Example output:

ngfw> show log level
{
  "ngfw-logs-levels:logs": {
    "levels": {
      "dataplane": "warning",
      "management": "warning",
      "security": "error",
      "control-plane": "warning",
      "dpdk": "error",
      "cluster": "info"    }  }
}

log filter

Go to filter management to save local logs.

log filter src-ip

Go to log filter menu for source IP address.

log filter src-ip> [no] host <ipv4-address>

Add (or remove, if no) a filter for one IP address (host).

log filter src-ip> [no] range <ip-range>

Add (or remove, if no) a filter for a range of IP addresses.

log filter src-ip> [no] subnet <ipv4-prefix>

Add (or remove, if no) a filter for a subnet.

log filter src-ip> [no] object <name>

Add (or remove, if no) a filter for a previously created network object. The object must exist.

log filter dst-ip

Go to log filter menu for destination IP address.

log filter dst-ip> [no] host <ipv4-address>

Add (or remove, if no) a filter for one IP address (host).

log filter dst-ip> [no] range <ip-range>

Add (or remove, if no) a filter for a range of IP addresses.

log filter dst-ip> [no] subnet <ipv4-prefix>

Add (or remove, if no) a filter for a subnet.

log filter dst-ip> [no] object <name>

Add (or remove, if no) a filter for a previously created network object. The object must exist.

log filter> [no] service <name>

Add (or remove, if no) a filter for a previously created service. The service must exist.

log journal

Go to journald configuration generation management.

log journal storage (persistent|volatile)

Save logs to disk (persistent) or in RAM (volatile).

log journal max-size <percent>

Specify the maximum size of saved logs as a percentage of RAM or disk space.

show log journal

Show the current configuration of the log. Example output:

ngfw> show log journal
{
  "ngfw-logs:logs": {
    "journal": {
      "storage": "persistent"    }  }
}
{
  "ngfw-logs:logs": {
    "journal": {
      "system": {
        "max-use": 40      }    }  }
}

| Prev | Home | Next |