Gargoyle Wiki

User Tools

Site Tools

Trace:
remote_syslog

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
remote_syslog [2011/12/18 07:55]
ispyisail 		remote_syslog [2016/02/09 18:14] (current)
z3braman changed "conloglevel" to "cronloglevel"
Line 1: Line 1:
-====== remote syslog ====== +====== Remote Syslog ====== 
-===== Method 1 ===== + 
-I think it would be very useful if it would be possible to set log_ip from the webinterface. I have now set it with SSH:+   
 +===== Introduction ===== 
 +Setting up up syslog remote logging server is good for fault finding.  
 + 
 +When logging connect your gargoyle router to the logging server with an Ethernet cable for more reliable results 
 + 
 +===== Client ===== 
 +Setup your gargoyle router as a syslog client by making a SSH connection to the router and then run the following commands. 
 + 
 +NOTEChange the IP address to your **syslog server** 
 +==== Set IP server address ====
  
 <shell> <shell>
Line 9: Line 19:
 </shell> </shell>
  
-But I think that it could be useful for other people.+If the setting are "log_ip" then all syslog messages get sent to that IP address (where a syslog server should be running).
  
-If setting log_ip all syslog messages gets sent to that IP address (where a syslog server should be running). +==== Increase logging Level ==== 
- +Increase the type of message which are sent to the syslog server
-Any idea how to increase the log level of syslog, I want everything from logread/dmesg logged into remote syslog.+
  
 <shell> <shell>
-uci set system.@system[0].conloglevel=7+uci set system.@system[0].cronloglevel=7
 uci commit uci commit
 reboot reboot
Line 23: Line 32:
 This will make it show everything except debugging messages. This will make it show everything except debugging messages.
  
 +===== Server =====
  
-===== Method 2 =====+==== OS X ====
  
 +For Mavericks 10.9, and probably earlier:
  
 +You need to edit /System/Library/LaunchDaemons/com.apple.syslogd.plist
  
 +Look for the Sockets key and add a new section for NetworkListener:
  
-I was able to successfully install syslog-ng3 on Gargoyle TPlink WR1043ND and logging to remote syslog running on my Debian home server.+<code> 
 +  <key>Sockets</key> 
 +  <dict> 
 +    […] 
 +    <key>NetworkListener</key> 
 +    <dict> 
 +      <key>SockServiceName</key> 
 +      <string>syslog</string> 
 +      <key>SockType</key> 
 +      <string>dgram</string> 
 +    </dict> 
 +  </dict> 
 +</code>
  
-<shell> +The easiest way to do this without running afoul of cached preferences is:
-opkg update +
-opkg install syslog-ng3 +
-</shell> +
-and missing dependency, syslog-ng won't start without it+
  
-<shell+<code
-opkg install libdbi +cd /System/Library/LaunchDaemons 
-</shell>+sudo /usr/libexec/PlistBuddy -c "add :Sockets:NetworkListener dict" com.apple.syslogd.plist 
 +sudo /usr/libexec/PlistBuddy -c "add :Sockets:NetworkListener:SockServiceName string syslog" com.apple.syslogd.plist 
 +sudo /usr/libexec/PlistBuddy -c "add :Sockets:NetworkListener:SockType string dgram" com.apple.syslogd.plist 
 +sudo launchctl unload com.apple.syslogd.plist 
 +sudo launchctl load com.apple.syslogd.plist 
 +</code>
  
-ConfigurationEdit syslog-ng.conf+Thanks http://stackoverflow.com/questions/5510563/how-to-start-syslogd-server-on-mac-to-accept-remote-logging-messages
  
-<shell> +==== Windows ====
-root@Gargoyle:~# cat /etc/syslog-ng.conf +
-@version:3.0+
  
-options { +Windows logging server 
-        chain_hostnames(no); +http://www.kiwisyslog.com/
-        create_dirs(yes); +
-        flush_lines(0); +
-        keep_hostname(yes); +
-        log_fifo_size(256); +
-        log_msg_size(1024); +
-        stats_freq(0); +
-        flush_lines(0); +
-        use_fqdn(no); +
-};+
  
-source src { +Free Kiwi Syslog Server (download the free version with limited features)
-        internal()+
-        unix-stream("/dev/log"); +
-};+
  
-source net { +Download and install 
-        udp(ip(0.0.0.0) port(514)); +
-};+
  
-source kernel { +Under Setting>>Input change to the IP address to your gargoyle router
-        file("/proc/kmsg" program_override("kernel")); +
-};+
  
-destination messages { +{{::2013-09-22_10_17_33-veriton_-_remote_desktop.jpg?500|}} 
-        file("/var/log/messages"); +
-}; +
-destination d_udp udp("192.168.0.113" port(514)); }+
-log { +
-        source(src); +
-        source(net); +
-        source(kernel); +
-        destination(d_udp); +
-#       destination(messages); +
-}; +
-</shell> +
- +
-I am using my Debian home server and syslog server, here are the relevant lines from syslog server config +
- +
-<shell> +
-destination routermsg { file("/var/log/router.log"); }; +
-filter f_router { host(192.168.0.1); }; +
-log { source(remoteudp); filter(f_router); destination(routermsg); }+
-</shell>+
  
 +{{:kiwi_syslog_server_version_9.png|}}
remote_syslog.1324194906.txt.gz · Last modified: 2011/12/18 07:55 by ispyisail

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki