Remote tracing on Junos
It’s possible that for specific processes in Junos, the logs/traceoptions to be sent remotely.
You can have there a syslog server where the logs will be stored for later analysis.
The feature is activated for all processes that supports it and you can disable remote tracing specifically for each process.
Keep in mind that once the remote tracing is enabled, the logs are not written anymore locally on the device as they would be by default.
Let’s take a look at this diagram:
There are few processes that can log remotely and couple of them are chassisd and eventd.
Let’s see an example.
Every time a commit is done, chassisd is writing in /var/log/chassisd among other things this line:
CHASSISD_PARSE_COMPLETE: Using new configuration
So before we enable remote tracing, let’s confirm this:
[edit] root@MX1# run clear log chassisd all [edit] root@MX1# run show log chassisd | match CHASSISD_PARSE_COMPLETE Dec 23 11:32:16 [edit] root@MX1# commit Dec 23 11:32:20 commit complete [edit] root@MX1# run show log chassisd | match CHASSISD_PARSE_COMPLETE Dec 23 11:32:26 Dec 23 11:32:21 CHASSISD_PARSE_COMPLETE: Using new configuration [edit] root@MX1#
Now, let’s enable remote tracing:
[edit] root@MX1# set system tracing destination-override syslog host 10.10.10.2
And perform another commit. Nothing is written locally:
[edit] root@MX1# commit Dec 23 11:33:01 commit complete [edit] root@MX1# [edit] root@MX1# run show log chassisd | match CHASSISD_PARSE_COMPLETE Dec 23 11:33:09 Dec 23 11:32:21 CHASSISD_PARSE_COMPLETE: Using new configuration [edit] root@MX1#
A packet capture on the syslog server shows that the log was received:
It’s possible to disable remote tracing for specific processes.
Let’s do this for eventd so it will not send the traceoptions logs remotely.
Currently, the event-options traceoptions are enabled and we should see on the syslog server messages from eventd and chassisd.
This is what is configured under event-options:
[edit] root@MX1# show event-options Dec 23 11:36:27 traceoptions { file eventd.log; flag all; } [edit] root@MX1# commit Dec 23 11:36:30 commit complete [edit] root@MX1#
As you can see, there is nothing written locally for the eventd traceoptions file:
[edit] root@MX1# run show log eventd.log Dec 23 11:37:05 Dec 23 11:36:59 MX1 clear-log[30196]: logfile cleared [edit] root@MX1#
And this is part of a packet capture showing messages for chassisd and eventd after a commit:
Let’s disable remote tracing for eventd and confirm that now the logs are written locally on the device:
[edit] root@MX1# set event-options traceoptions no-remote-trace [edit] root@MX1# commit Dec 23 11:59:02 commit complete [edit] root@MX1#
Now, the logs are locally stored:
[edit] root@MX1# run show log eventd.log | last 10 Dec 23 12:01:00 Dec 23 12:01:00 Number of events in the queue for processing 1 Dec 23 12:01:00 eventd_message_read Dec 23 12:01:00 eventd_event_process_queue Dec 23 12:01:00 Processing event <UI_CMDLINE_READ_LINE> Dec 23 12:01:00 eventd_event_process Dec 23 12:01:00 eventd_event_clear_ref Dec 23 12:01:00 No policies for event <UI_CMDLINE_READ_LINE> Dec 23 12:01:00 event_syslog_process Dec 23 12:01:00 eventd_notify_daemons Dec 23 12:01:00 eventd_event_clear_ref [edit] root@MX1#
And this would be all about remote tracing. There are multiple processes that support the feature and for each one of them you can disable the remote tracing.
Some processes might have this feature on some platforms and not on other platforms.
Check the documentation specifically for your platform.
You can check this as a starter:
Tracing and Logging Junos OS Operations
Paris ARAU
Latest posts by Paris ARAU (see all)
- Junos Fusion – Part IV – Satellite policies and uplink failure detection - 30 July 2018
- Junos Fusion – Part III – Satellite commands and traffic forwarding - 16 July 2018
- Junos Fusion – Part II – Configuration, Administration and Operation - 16 July 2018
- Junos Fusion – Part I – Overview, Components, Ports and Software - 11 July 2018
- Vagrant – Part IV – Network topology using Juniper and Cumulus - 26 April 2018
[…] discussed in this post how to enable remote tracing on Junos. The problem is that the feature can be enabled only for some […]