Page 1 of 1

Logging

Posted: Tue Jan 15, 2008 7:41 pm
by chap
Hi all,

I have a problem in keeping records of logs. How can i keep all records of logs? In system/logging there is an option : log file size ..some.. lines. but i need all records to store in a single file and stores in /files by different names.

Please Help.

Thanks.

Re: Logging

Posted: Tue Jan 15, 2008 9:39 pm
by maximan
you can use remote syslog

Max
http://maxid.com.ar
http://mikrotikexpert.com

Re: Logging

Posted: Wed Jan 16, 2008 7:35 am
by chap
Thanks for reply.
can you please explain how?

Re: Logging

Posted: Wed Jan 16, 2008 10:33 am
by magic
Use a linux remote server (built into the linux, you only have to enable to accept remote syslog messages) or download a windows one from mikrotik (http://www.mikrotik.com/archive.php).
The syslog use 514 port so you have to change your firewall rules on the remote server to accept the logging requests.
Than set remote computer ip address into the /system/logging/action/remote.
After this you can change the log rules to tell the router what to send to the remote syslog server. Or you can add new rules so the router still log to memory.
And read the documentation: http://www.mikrotik.com/testdocs/ros/2. ... ogging.php

Krisz

Re: Logging

Posted: Fri Jan 18, 2008 4:20 pm
by chap
Thanks Krisz. I'll try.

Re: Logging

Posted: Tue Mar 25, 2008 5:17 pm
by totalnett
But what should i write in the /etc/syslog.conf on the linux to get the log in to a file.

local7.info ? or Can i spesify this on the mikrotik?
Eksampel?

Re: Logging

Posted: Wed Mar 26, 2008 9:00 am
by magic
You have to start your syslog-ng server with the -r parameter. This enable the remote logging. If you don't need to log to different file then the default log then you don't have to write anything.
If you wish to make different file to the log then find the syslog-ng.conf file somewhere in the /etc (depend on the linux distribution). There are examples have to make a new file

Krisz

Re: Logging

Posted: Wed Mar 26, 2008 1:47 pm
by totalnett
The -r parameter i allready added.
The question was how to filter only the mikrotik logg to a file.
Got this by adding to syslog.conf

;user.none /var/log/messages

user.* /var/log/logfile.log

:D

Re: Logging

Posted: Wed Mar 26, 2008 2:00 pm
by magic
There is a lot of way to do this. One is, when you made a new file for the messages which comes from the net.

Add this to the syslog-ng.conf:
source net { udp (ip("0.0.0.0") port (514)););
destination net { file ("/var/log/mikrotik" owner (root) group (root)); };
log { source (net); destination (net);};

Do not forget about the logrotate!
I hope this will help you
Krisz