1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

How To : Remote logging to a local linux box

Discussion in 'Tomato Firmware' started by vmixus, Jan 28, 2014.

  1. vmixus

    vmixus Serious Server Member

    Some notes on how I setup remote logging from a Tomato router to a Debian Wheezy box.

    STEP 1 : Install syslog-ng
    # On Debian using apt-get
    $ apt-get install syslog-ng
    # (Optional) Backup the original config file for syslog-ng
    $ cp /etc/syslog-ng/syslog-ng.conf /etc/syslog-ng/syslog-ng.orig
    STEP 2 : Configure syslog-ng
    Add following lines to the .conf file and modify settings where appropriate
    $ vi /etc/syslog-ng/syslog-ng.conf
    # Source declaration for incoming router logs.
    # Modify port number to match Tomato settings.
    source s_router { udp(port(514)); };
    # Destination for incoming router logs
    destination d_router { file("/var/log/router/router.log"); };
    # Custom log for router logs
    log { source(s_router); destination(d_router); };
    Next, we need to manually create the newly specified dir/file.
    Restart syslog-ng and make sure there weren't any syntax errors in .conf file due to typeo's
    Also, if a firewall is locally present on your box remember to allow the above specified port.
    # Manually create the specified dir
    $ mkdir /var/log/router
    # Make sure the new file exists (this step may not be necessary)
    $ touch /var/log/router/router.log
    # Restart syslog-ng
    $ service syslog-ng restart
    [ ok ] Stopping system logging: syslog-ng.
    [ ok ] Starting system logging: syslog-ng.
    STEP 3 : Tomato setup
    Finally, point Tomato to save logs to the syslog server.
    Match settings from below under Administration -> Logging
    Change IP / Port to match your environment.

    At this point all logs from router should show up on the remote system at the specified location.

    Below are some links I found helpful. It's also possible to setup filters using syslog-ng so you can split off logs to different files i.e.(firewall.log, vpn.log, dhcp.log, etc.) or even log everything to a database like mysql or postgresql.
    Last edited: Jan 28, 2014

Share This Page