It appears that show log all does not work for even privileged RADIUS users:
trae@cr01a-vyos# run show log all Remote command execution is not allowed for operator level users Remote command execution is not allowed for operator level users Remote command execution is not allowed for operator level users Remote command execution is not allowed for operator level users Remote command execution is not allowed for operator level users Remote command execution is not allowed for operator level users trae@cr01a-vyos# whoami trae
/etc/raddb/users:
DEFAULT Group == network_admins Service-Type = NAS-Prompt-User, cisco-avpair = "shell:priv-lvl=15", Arista-AVPair = "shell:roles=network-admin" DEFAULT Group == network_operators Service-Type = NAS-Prompt-User, cisco-avpair = "shell:priv-lvl=10", Arista-AVPair = "shell:roles=network-operator"
User in question (FreeIPA backend):
sh-4.4$ groups trae trae : trae network_admins physical_admins god_mode editors admins
This configuration works fine for all other devices (Arista, UBNT, Aruba, etc).