Help - Search - Members - Calendar
Full Version: Setting Up A Log Server
Linuxhelp > Support > Technical Support
Joey
Hi,

So I bought this new wireless router this weekend and it has the option to forward the logs to a log server. I simply have to enter in the IP (in the router config) and what type of info I want in the logs.

I've been looking through google and I've found a few sites that explain what you have to do on the client machines (aka the router in this case) but not much on what needs to be done on the server machine.

I know I have to restart syslogd with the -r flag (so it listens on a specific port) but I'm guessing I have to also edit /etc/syslog.conf and let it know what to do with the logs.

Any ideas of what I have to put in /etc/syslog.conf? I presume the IP of the machine sending the logs and the filename I want everything to go into?
hughesjr
Here is a remote log setup in Debian.
Joey
Excellent that was exactly what I was looking for.

Thanks!
Joey
Hmm either I'm doing something wrong or that guide on the link is incorrect.

I have the following specified in /etc/syslog.conf:

10.1.1.66 /var/log/wireless

however the logs are still going into /var/log/messages... (yah I restarted syslog)

Any ideas?
hughesjr
Did you edit the /etc/sysconfig/syslog file and change the line:

SYSLOGD_OPTIONS="-m 0"

to

SYSLOGD_OPTIONS="-rm 0"

--------------------------------
I'm not sure it matters, but maybe try the:

10.1.1.66 /var/log/wireless

as the top line in the file /etc/syslog.conf
Joey
Yah it was receiving fine remember, everything goes into /var/log/messages

I'll try it with the entry at the top of the file.
hughesjr
-------------------------------
10.1.1.66 is the IP address of the router right?
-------------------------------
did you touch /var/log/wireless?
Joey
Yup and Yup
hughesjr
Is it working?
--------------
I know I'm asking silly questions ... but sometimes it's simple things that bit us in the behind biggrin.gif
Joey
I havent tried it with the entry at the top of the file yet. Maybe later on today but I doubt that will work.
hughesjr
OK ... I've actaully been giving this a lot of thought.

In reading the man page and other places, I think (but I'm not sure) that incoming files from a remote machine are logged via local0 through local7 ... and not necessarily in order.

So, you might try this:

Change this line:
CODE
*.info;mail.none;authpriv.none;cron.none                /var/log/messages


to (all one line)
CODE
*.info;mail.none;authpriv.none;cron.none;local0.none;local1.none;local2.none;loc
al3.none;local4.none;local5.none;local6.none;local7.none               /var/log/messages


Then add this line:
CODE
local0.*;local1.*;local2.*;local3.*;local4.*;local5.*;local6.*;local7.*     /var/log/local0-7


then touch /var/log/local0-7 and (just for testing) chmod 777 /var/log/local0-7.

and see what splits off...and if the wireless is now in local0-7.

If the wireless splits off, then you can do 8 seperate files to figure out the exact channel...
Joey
I've already tried the local lines however I didn't modify any of the existing ones. I'll give it a shot later.
hughesjr
I tried it between 2 linux machines and it didn't work ... the remote machine still went straight into mesages...

Now I want to find out how to do this too!

I'm leaving for work ... I'll play will this some more at work (if possible) or at home latter today.

I can also verify that adding the IP doesn't redirect the remote logs to a seperate file (at least on RedHat).
hughesjr
This looks like what you want. Although it doesn't solve the problem with syslogd .. it replaces the remote logging feature.

Or better yet this article shows how to log to a mysql database for easy searching...
Joey
I don't think I'm going to install that rsyslog application, it seems very shady. I'm going to leave everything as is and just log into the router to check the logs periodically.

Thanks for the help.
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2017 Invision Power Services, Inc.