Support Support Downloads Knowledge Base Juniper Support Portal Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[EOL/EOE] [NSM] Log rotation/archiving failure

0

0

Article ID: KB28596 KB Last Updated: 18 Oct 2020Version: 2.0
Summary:

Note: A product listed in this article has either reached hardware End of Life (EOL) OR software End of Engineering (EOE).  Refer to End of Life Products & Milestones for the EOL, EOE, and End of Support (EOS) dates.


Archival and purge of the device logs fails even when log retention policy is configured. This article discusses the reasons for this failure and presents a configuration procedure to correct it.

Symptoms:

Despite log retention policy being enabled for archival of device logs, sometimes these logs do not rotate as per configuration.

Symptoms:

I. When archived location set is on the local server:

  1. The tar files are being created in the directory where device logs are stored (Default: /var/netscreen/DevSvr/logs) and not under the archived location path.

  2. The archived files are not created and the logs are not purged.

  3. Error seen in errorLog file /usr/netscreen/DevSvr/var/errorLog/deviceDaemon.0 are:
  4. [12/07/2013 07:51:17.352] [Error] [11256752-soLogDbUtils.c:4555] command (/bin//mv /usr/netscreen/DevSvr/var/logs/20131127_0.tar.gz /home/admin) failed
    [12/04/2013 15:05:16.441] [Error] [13677456-soLogDbUtils.c:4995] soTestDir ('/root/archives') failed

    II. When archived location set is on a remote server:

    [12/07/2013 09:00:41.393] [Error] [11514800-soLogDbUtils.c:4555] command (/usr/bin/scp /usr/netscreen/DevSvr/var/logs/20131127_0.tar.gz
    nsm@172.27.201.216:/archives) failed
Solution:

The task of log retention/archival/purge belongs to user "nsm". It is important that the archival path set is a directory accessible by user "nsm". Otherwise, permission protocols will not permit user "nsm" to create the archived files in a desired directory.

To verify that the directory given in archived location is accessible by user "nsm", perform the following steps:
  1. Switch to nsm user: su - nsm

  2. Change directory location as specified in archived location.

If path is accessible, you will be able to enter the directory. However, if the path is inaccessible, it will display a "permission denied" message.)

For example:

[root@NSMXpress logs]# su - nsm
[nsm@NSMXpress ~]$ cd /home/admin/
-bash: cd: /home/admin/: Permission denied

Do not use /home/admin as a log archive location.

This concept is applicable when logs must be archived locally or remotely on some other server.

Modification History:
2020-10-18: Tagged article for EOL/EOE.
 
Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search