Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

SRX stops writing to a log file while communicating to NSM Server

0

0

Article ID: KB21695 KB Last Updated: 24 Feb 2020Version: 2.0
Summary:
This article describes the issue of SRX not writing to a log file while communicating to NSM Server; consequently NSM does not populate logs for the SRX.
Symptoms:
  • SRX randomly stops writing logs to default-log-messages file; consequently NSM stops reporting any logs coming from SRX.

  • When EventD is restarted (restart event-processing), SRX starts to write logs to default-log-messages file  again and NSM starts reporting activity from SRX.

  • The following messages keeps populating when logs are not written in the default-log-messages during the problem:
     
    Jul 13 15:59:31 sdxd_obssh_retry_timer_handler: (nsm) Everything okay.Starting oneshot timer...

Below is the config:
 
groups {
     node0 {
         system {
         host-name SRX3K4_TOP;
         backup-router 10.1.1.1 destination 10.100.24.0/24;
     services {
         outbound-ssh {
             client nsm {
             device-id 987A2A;
             services netconf;
             10.1.1.10 port 7804;
             }
         }
     }
syslog {
     archive size 200k files 10;
         file default-log-messages {
             any any;
             structured-data;
         }
     }
}
interfaces {
    fxp0 {
        unit 0 {
            family inet {
                address 10.1.1.115/24;
            }
        }
    }
}

node1 {
     system {
         host-name SRX3K4_BOT;
         backup-router 10.1.1.1 destination 10.100.24.0/24;
             services {
                 outbound-ssh {
                     client nsm {
                         device-id 8DE49B;
                         services netconf;
                         10.1.1.10 port 7804;
                     }
                 }
             }
syslog {
     archive size 200k files 10;
         file default-log-messages {
             any any;
             structured-data;
         }
      }
}
interfaces {
    fxp0 {
        unit 0 {
            family inet {
                address 10.1.1.116/24;
            }
        }
    }
}
}
}
apply-groups "$ ";

system {
     domain-name metmuseum.org;
         time-zone America/New_York;
             authentication-order [ password radius ];
                 root-authentication {
                 }
services {
     ftp;
         ssh {
         root-login deny;
         protocol-version v2;
         connection-limit 5;
         }
telnet;
     outbound-ssh {
         traceoptions {
             file default-log-messages;
             flag connectivity;
         }
     }
web-management {
     https {
         system-generated-certificate;
     }
   }
  }
}

Or
set groups node0 system host-name SRX3K4_TOP
set groups node0 system backup-router 10.1.1.1
set groups node0 system backup-router destination 10.100.24.0/24
set groups node0 system services outbound-ssh client nsm device-id 987A2A
set groups node0 system services outbound-ssh client nsm services netconf
set groups node0 system services outbound-ssh client nsm 10.1.1.10 port 7804
set groups node0 system syslog archive size 200k
set groups node0 system syslog archive files 10
set groups node0 system syslog file default-log-messages any any
set groups node0 system syslog file default-log-messages structured-data
set groups node0 interfaces fxp0 unit 0 family inet address 10.1.1.115/24
set groups node1 system host-name SRX3K4_BOT
set groups node1 system backup-router 10.1.1.1
set groups node1 system backup-router destination 10.100.24.0/24
set groups node1 system services outbound-ssh client nsm device-id 8DE49B
set groups node1 system services outbound-ssh client nsm services netconf
set groups node1 system services outbound-ssh client nsm 10.1.1.10 port 7804
set groups node1 system syslog archive size 200k
set groups node1 system syslog archive files 10
set groups node1 system syslog file default-log-messages any any
set groups node1 system syslog file default-log-messages structured-data
set groups node1 interfaces fxp0 unit 0 family inet address 10.1.1.116/24
set apply-groups "$ "

set system domain-name metmuseum.org
set system time-zone America/New_York
set system authentication-order password
set system authentication-order radius
set system root-authentication encrypted-password "$ABC123"
set system services ftp
set system services ssh root-login deny
set system services ssh protocol-version v2
set system services telnet
set system services outbound-ssh traceoptions file default-log-messages
set system services outbound-ssh traceoptions flag connectivity
Solution:
Configuration related issue:

The file name configured under [edit system services outbound-ssh traceoptions file] and [edit groups node0 system syslog file] were the same (default-log-messages): thus leading to conflict in the file handling mechanism of syslog and trace infrastructure.
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search