Syslog

From Juniper Clue

Jump to: navigation, search

This syslog filter removes all ssh logins (think rancid) and license warnings (think ospf3) from appearing in your splunk[1] or logstash[2] aggregator: 

system {
    syslog {
        file messages {
            match "!(.*requires a license.*|.*LICENSE_EXPIRED.*|.*STL library initialized.*|.*kernel time sync enabled.*)";
        }
    }
}
Retrieved from "http://juniper.cluepon.net/Syslog"
Personal tools