I think you need
set system syslog global facility daemon level notice
set system syslog global facility protocols level all
You also can set log-modes fro ipsec
vyos@R1# set vpn ipsec logging log-modes
Possible completions:
dmn Debug log option for strongSwan
mgr Debug log option for strongSwan
ike Debug log option for strongSwan
chd Debug log option for strongSwan
job Debug log option for strongSwan
cfg Debug log option for strongSwan
knl Debug log option for strongSwan
net Debug log option for strongSwan
asn Debug log option for strongSwan
enc Debug log option for strongSwan
lib Debug log option for strongSwan
esp Debug log option for strongSwan
tls Debug log option for strongSwan
tnc Debug log option for strongSwan
imc Debug log option for strongSwan
imv Debug log option for strongSwan
pts Debug log option for strongSwan
any Debug log option for strongSwan
Each logging message also has a source from which subsystem in the daemon the log came from:
- app: applications other than daemons
- asn: Low-level encoding/decoding (ASN.1, X.509 etc.)
- cfg: Configuration management and plugins
- chd: CHILD_SA/IPsec SA
- dmn: Main daemon setup/cleanup/signal handling
- enc: Packet encoding/decoding encryption/decryption operations
- esp: libipsec library messages
- ike: IKE_SA/ISAKMP SA
- imc: Integrity Measurement Collector
- imv: Integrity Measurement Verifier
- job: Jobs queuing/processing and thread pool management
- knl: IPsec/Networking kernel interface
- lib: libstrongwan library messages
- mgr: IKE_SA manager, handling synchronization for IKE_SA access
- net: IKE network communication
- pts: Platform Trust Service
- tls: libtls library messages
- tnc: Trusted Network Connect