Syslog

From Bashlinux
Jump to: navigation, search

Remote logging

How to enable remote logs come in from remote hosts

Settings described here are for Fedora as syslog server Useful for small embedded devices like routers, DSL modems and access points.

  • Enable UDP syslog reception in /etc/rsyslog.conf and uncomment the following lines:
$ModLoad imudp
$UDPServerRun 514
  • Ensure TCP syslog is either disabled or running on a different port.
  • Restart rsyslog:
systemctl restart rsyslog.service

How to send logs to a remote log server from a home router

  • In OpenWRT UI go to System tab, System subtab, Logging sub-subtab.
  • Put the IP of the syslog server there.
    • Confirm that the changes are saved in /etc/config/system as option log_ip 192.168.m.n
  • Here you need to restart syslogd on the router. Just reboot the router :)
  • Look in /var/log/messages on the syslog server. You should see messages from the router.
  • To log all router-based messages into single file create the file etc/rsyslogd.d/openwrt.conf with the following contents:
:source, isequal, "server.ip" /var/log/mylogfile.log
:source, isequal, "server.ip" ~