T6641: Add vyos-network-event-logger Service

The service parses and logs network events for improved monitoring and diagnostics.
Supported event types include:

- `RTM_NEWROUTE`, `RTM_DELROUTE`
- `RTM_NEWLINK`, `RTM_DELLINK`
- `RTM_NEWADDR`, `RTM_DELADDR`
- `RTM_NEWNEIGH`, `RTM_DELNEIGH`, `RTM_GETNEIGH`
- `RTM_NEWRULE`, `RTM_DELRULE`

Added operational mode commands for filtered log retrieval:
- `show log network-event <event-type> <interface>`: Retrieve logs filtered by event type and interface.
- `show interfaces <type> <name> event-log <event-type>`: Display interface-specific logs filtered by event type.

interface-definitions/service_monitoring_network_event.xml.in

@@ -0,0 +1,91 @@
+<?xml version="1.0"?>
+<interfaceDefinition>
+  <node name="service">
+    <children>
+      <node name="monitoring">
+        <properties>
+          <help>Monitoring services</help>
+        </properties>
+        <children>
+          <node name="network-event" owner="${vyos_conf_scripts_dir}/service_monitoring_network_event.py">
+            <properties>
+              <help>Network event logger</help>
+              <priority>1280</priority>
+            </properties>
+            <children>
+              <node name="event">
+                <properties>
+                  <help>Network event type</help>
+                </properties>
+                <children>
+                  <leafNode name="route">
+                    <properties>
+                      <help>Log routing table update events</help>
+                      <valueless/>
+                    </properties>
+                  </leafNode>
+                  <leafNode name="link">
+                    <properties>
+                      <help>Log link status changes events</help>
+                      <valueless/>
+                    </properties>
+                  </leafNode>
+                  <leafNode name="addr">
+                    <properties>
+                      <help>Log address assignment and removal events</help>
+                      <valueless/>
+                    </properties>
+                  </leafNode>
+                  <leafNode name="neigh">
+                    <properties>
+                      <help>Log neighbor (ARP/ND) table update events</help>
+                      <valueless/>
+                    </properties>
+                  </leafNode>
+                  <leafNode name="rule">
+                    <properties>
+                      <help>Log policy routing rule change events</help>
+                      <valueless/>
+                    </properties>
+                  </leafNode>
+                </children>
+              </node>
+              <leafNode name="queue-size">
+                <properties>
+                  <help>Internal message queue size</help>
+                  <valueHelp>
+                    <format>u32:100-999999</format>
+                    <description>Queue size</description>
+                  </valueHelp>
+                  <constraint>
+                    <validator name="numeric" argument="--range 1-999999"/>
+                  </constraint>
+                  <constraintErrorMessage>Queue size must be between 100 and 999999</constraintErrorMessage>
+                </properties>
+              </leafNode>
+              <leafNode name="log-level">
+                <properties>
+                  <help>Set log-level. Log must be enable</help>
+                  <completionHelp>
+                    <list>info debug</list>
+                  </completionHelp>
+                  <valueHelp>
+                    <format>info</format>
+                    <description>Info log level</description>
+                  </valueHelp>
+                  <valueHelp>
+                    <format>debug</format>
+                    <description>Debug log level</description>
+                  </valueHelp>
+                  <constraint>
+                    <regex>(info|debug)</regex>
+                  </constraint>
+                </properties>
+              </leafNode>
+            </children>
+          </node>
+        </children>
+      </node>
+    </children>
+  </node>
+</interfaceDefinition>

op-mode-definitions/include/log/network-event-type-interface.xml.i

@@ -0,0 +1,11 @@
+<!-- included start from isis-common.xml.i -->
+<tagNode name="interface">
+  <properties>
+    <help>Show log for specific interface</help>
+    <completionHelp>
+      <script>${vyos_completion_dir}/list_interfaces</script>
+    </completionHelp>
+  </properties>
+  <command>journalctl --no-hostname --boot --unit vyos-network-event-logger.service | grep "$(echo "\[$4\]" | tr '[:lower:]' '[:upper:]')" | grep "\b$6\b"</command>
+</tagNode>
+<!-- included end -->

op-mode-definitions/include/show-interface-type-event-log.xml.i

@@ -0,0 +1,40 @@
+<!-- included start from show-nht.xml.i -->
+<node name="event-log">
+  <properties>
+    <help>Show interface network event log</help>
+  </properties>
+  <command>journalctl --no-hostname --boot --unit vyos-network-event-logger.service | grep "\b$4\b"</command>
+  <children>
+    <leafNode name="route">
+      <properties>
+        <help>Show log for route network events</help>
+      </properties>
+      <command>journalctl --no-hostname --boot --unit vyos-network-event-logger.service | grep "$(echo "\[$6\]" | tr '[:lower:]' '[:upper:]')" | grep "\b$4\b"</command>
+    </leafNode>
+    <leafNode name="link">
+      <properties>
+        <help>Show log for link network events</help>
+      </properties>
+      <command>journalctl --no-hostname --boot --unit vyos-network-event-logger.service | grep "$(echo "\[$6\]" | tr '[:lower:]' '[:upper:]')" | grep "\b$4\b"</command>
+    </leafNode>
+    <leafNode name="addr">
+      <properties>
+        <help>Show log for addr network events</help>
+      </properties>
+      <command>journalctl --no-hostname --boot --unit vyos-network-event-logger.service | grep "$(echo "\[$6\]" | tr '[:lower:]' '[:upper:]')" | grep "\b$4\b"</command>
+    </leafNode>
+    <leafNode name="neigh">
+      <properties>
+        <help>Show log for neigh network events</help>
+      </properties>
+      <command>journalctl --no-hostname --boot --unit vyos-network-event-logger.service | grep "$(echo "\[$6\]" | tr '[:lower:]' '[:upper:]')" | grep "\b$4\b"</command>
+    </leafNode>
+    <leafNode name="rule">
+      <properties>
+        <help>Show log for rule network events</help>
+      </properties>
+      <command>journalctl --no-hostname --boot --unit vyos-network-event-logger.service | grep "$(echo "\[$6\]" | tr '[:lower:]' '[:upper:]')" | grep "\b$4\b"</command>
+    </leafNode>
+  </children>
+</node>
+<!-- included end -->

op-mode-definitions/show-interfaces-bonding.xml.in

@@ -67,6 +67,7 @@
                   </leafNode>
                 </children>
               </tagNode>
+              #include <include/show-interface-type-event-log.xml.i>
             </children>
           </tagNode>
           <node name="bonding">

op-mode-definitions/show-interfaces-bridge.xml.in

@@ -19,6 +19,7 @@
                 </properties>
                 <command>${vyos_op_scripts_dir}/interfaces.py show_summary --intf-name="$4" --intf-type=bridge</command>
               </leafNode>
+              #include <include/show-interface-type-event-log.xml.i>
             </children>
           </tagNode>
           <node name="bridge">

op-mode-definitions/show-interfaces-dummy.xml.in

@@ -19,6 +19,7 @@
                 </properties>
                 <command>${vyos_op_scripts_dir}/interfaces.py show_summary --intf-name="$4" --intf-type=dummy</command>
               </leafNode>
+              #include <include/show-interface-type-event-log.xml.i>
             </children>
           </tagNode>
           <node name="dummy">

op-mode-definitions/show-interfaces-ethernet.xml.in

@@ -68,6 +68,7 @@
                   </leafNode>
                 </children>
               </tagNode>
+              #include <include/show-interface-type-event-log.xml.i>
             </children>
           </tagNode>
           <node name="ethernet">

op-mode-definitions/show-interfaces-geneve.xml.in

@@ -19,6 +19,7 @@
                 </properties>
                 <command>${vyos_op_scripts_dir}/interfaces.py show_summary --intf-name="$4" --intf-type=geneve</command>
               </leafNode>
+              #include <include/show-interface-type-event-log.xml.i>
             </children>
           </tagNode>
           <node name="geneve">

op-mode-definitions/show-interfaces-input.xml.in

@@ -19,6 +19,7 @@
                 </properties>
                 <command>${vyos_op_scripts_dir}/interfaces.py show_summary --intf-name="$4" --intf-type=input</command>
               </leafNode>
+              #include <include/show-interface-type-event-log.xml.i>
             </children>
           </tagNode>
           <node name="input">

op-mode-definitions/show-interfaces-l2tpv3.xml.in

@@ -19,6 +19,7 @@
                 </properties>
                 <command>${vyos_op_scripts_dir}/interfaces.py show_summary --intf-name="$4" --intf-type=l2tpv3</command>
               </leafNode>
+              #include <include/show-interface-type-event-log.xml.i>
             </children>
           </tagNode>
           <node name="l2tpv3">

op-mode-definitions/show-interfaces-loopback.xml.in

@@ -19,6 +19,7 @@
                 </properties>
                 <command>${vyos_op_scripts_dir}/interfaces.py show_summary --intf-name="$4" --intf-type=loopback</command>
               </leafNode>
+              #include <include/show-interface-type-event-log.xml.i>
             </children>
           </tagNode>
           <node name="loopback">

op-mode-definitions/show-interfaces-macsec.xml.in

@@ -29,6 +29,9 @@
               </completionHelp>
             </properties>
             <command>ip macsec show $4</command>
+            <children>
+              #include <include/show-interface-type-event-log.xml.i>
+            </children>
           </tagNode>
         </children>
       </node>

op-mode-definitions/show-interfaces-pppoe.xml.in

@@ -28,6 +28,7 @@
                 </properties>
                 <command>if [ -d "/sys/class/net/$4" ]; then /usr/sbin/pppstats "$4"; fi</command>
               </leafNode>
+              #include <include/show-interface-type-event-log.xml.i>
             </children>
           </tagNode>
           <node name="pppoe">

op-mode-definitions/show-interfaces-pseudo-ethernet.xml.in

@@ -19,6 +19,7 @@
                 </properties>
                 <command>${vyos_op_scripts_dir}/interfaces.py show_summary --intf-name="$4" --intf-type=pseudo-ethernet</command>
               </leafNode>
+              #include <include/show-interface-type-event-log.xml.i>
             </children>
           </tagNode>
           <node name="pseudo-ethernet">

op-mode-definitions/show-interfaces-sstpc.xml.in

@@ -28,6 +28,7 @@
                 </properties>
                 <command>if [ -d "/sys/class/net/$4" ]; then /usr/sbin/pppstats "$4"; fi</command>
               </leafNode>
+              #include <include/show-interface-type-event-log.xml.i>
             </children>
           </tagNode>
           <node name="sstpc">

op-mode-definitions/show-interfaces-tunnel.xml.in

@@ -19,6 +19,7 @@
                 </properties>
                 <command>${vyos_op_scripts_dir}/interfaces.py show_summary --intf-name="$4" --intf-type=tunnel</command>
               </leafNode>
+              #include <include/show-interface-type-event-log.xml.i>
             </children>
           </tagNode>
           <node name="tunnel">

op-mode-definitions/show-interfaces-virtual-ethernet.xml.in

@@ -19,6 +19,7 @@
                 </properties>
                 <command>${vyos_op_scripts_dir}/interfaces.py show_summary --intf-name="$4" --intf-type=virtual-ethernet</command>
               </leafNode>
+              #include <include/show-interface-type-event-log.xml.i>
             </children>
           </tagNode>
           <node name="virtual-ethernet">

op-mode-definitions/show-interfaces-vti.xml.in

@@ -19,6 +19,7 @@
                 </properties>
                 <command>${vyos_op_scripts_dir}/interfaces.py show_summary --intf-name="$4" --intf-type=vti</command>
               </leafNode>
+              #include <include/show-interface-type-event-log.xml.i>
             </children>
           </tagNode>
           <node name="vti">

op-mode-definitions/show-interfaces-vxlan.xml.in

@@ -19,6 +19,7 @@
                 </properties>
                 <command>${vyos_op_scripts_dir}/interfaces.py show_summary --intf-name="$4" --intf-type=vxlan</command>
               </leafNode>
+              #include <include/show-interface-type-event-log.xml.i>
             </children>
           </tagNode>
           <node name="vxlan">

op-mode-definitions/show-interfaces-wireguard.xml.in

@@ -43,6 +43,7 @@
                 </properties>
                 <command>sudo ${vyos_op_scripts_dir}/interfaces_wireguard.py show_summary --intf-name="$4"</command>
               </leafNode>
+              #include <include/show-interface-type-event-log.xml.i>
             </children>
           </tagNode>
           <node name="wireguard">

op-mode-definitions/show-interfaces-wireless.xml.in

@@ -73,6 +73,7 @@
                   </leafNode>
                 </children>
               </tagNode>
+              #include <include/show-interface-type-event-log.xml.i>
             </children>
           </tagNode>
         </children>

op-mode-definitions/show-interfaces-wwan.xml.in

@@ -80,6 +80,7 @@
                 </properties>
                 <command>echo not implemented</command>
               </leafNode>
+              #include <include/show-interface-type-event-log.xml.i>
             </children>
           </tagNode>
           <node name="wwan">

op-mode-definitions/show-log.xml.in

@@ -940,6 +940,68 @@
             </properties>
             <command>journalctl --no-hostname --boot --unit squid.service</command>
           </leafNode>
+          <node name="network-event">
+            <properties>
+              <help>Show log for network events</help>
+            </properties>
+            <command>journalctl --no-hostname --boot --unit vyos-network-event-logger.service</command>
+            <children>
+              <tagNode name="interface">
+                <properties>
+                  <help>Show log for specific interface</help>
+                  <completionHelp>
+                    <script>${vyos_completion_dir}/list_interfaces</script>
+                  </completionHelp>
+                </properties>
+                <command>journalctl --no-hostname --boot --unit vyos-network-event-logger.service | grep $5</command>
+              </tagNode>
+              <node name="route">
+                <properties>
+                  <help>Show log for route network events</help>
+                </properties>
+                <command>journalctl --no-hostname --boot --unit vyos-network-event-logger.service | grep "$(echo "\[$4\]" | tr '[:lower:]' '[:upper:]')" </command>
+                <children>
+                  #include <include/log/network-event-type-interface.xml.i>
+                </children>
+              </node>
+              <node name="link">
+                <properties>
+                  <help>Show log for link network events</help>
+                </properties>
+                <command>journalctl --no-hostname --boot --unit vyos-network-event-logger.service | grep "$(echo "\[$4\]" | tr '[:lower:]' '[:upper:]')" </command>
+                <children>
+                  #include <include/log/network-event-type-interface.xml.i>
+                </children>
+              </node>
+              <node name="addr">
+                <properties>
+                  <help>Show log for addr network events</help>
+                </properties>
+                <command>journalctl --no-hostname --boot --unit vyos-network-event-logger.service | grep "$(echo "\[$4\]" | tr '[:lower:]' '[:upper:]')" </command>
+                <children>
+                  #include <include/log/network-event-type-interface.xml.i>
+                </children>
+              </node>
+              <node name="neigh">
+                <properties>
+                  <help>Show log for neigh network events</help>
+                </properties>
+                <command>journalctl --no-hostname --boot --unit vyos-network-event-logger.service | grep "$(echo "\[$4\]" | tr '[:lower:]' '[:upper:]')" </command>
+                <children>
+                  #include <include/log/network-event-type-interface.xml.i>
+                </children>
+              </node>
+              <node name="rule">
+                <properties>
+                  <help>Show log for rule network events</help>
+                </properties>
+                <command>journalctl --no-hostname --boot --unit vyos-network-event-logger.service | grep "$(echo "\[$4\]" | tr '[:lower:]' '[:upper:]')" </command>
+                <children>
+                  #include <include/log/network-event-type-interface.xml.i>
+                </children>
+              </node>
+            </children>
+          </node>
         </children>
       </node>
     </children>