How To : Remote logging to a local linux box

Discussion in 'Tomato Firmware' started by vmixus, Jan 28, 2014.

  1. vmixus

    vmixus Serious Server Member

    Some notes on how I set up remote logging from a Tomato router to a Debian Wheezy box.

    STEP 1 : Install syslog-ng
    Code:
    # On Debian using apt-get
    $ apt-get install syslog-ng
    
    # (Optional) Backup the original config file for syslog-ng
    $ cp /etc/syslog-ng/syslog-ng.conf /etc/syslog-ng/syslog-ng.orig
    
    STEP 2 : Configure syslog-ng
    Add the following lines to the .conf file and modify settings where appropriate.
    Code:
    $ vi /etc/syslog-ng/syslog-ng.conf
    
    # Source declaration for incoming router logs.
    # Modify port number to match Tomato settings.
    source s_router { udp(port(514)); };
    
    # Destination for incoming router logs
    destination d_router { file("/var/log/router/router.log"); };
    
    # Custom log for router logs
    log { source(s_router); destination(d_router); };
    
    Next, we need to manually create the newly specified dir/file.
    Restart syslog-ng and make sure there weren't any syntax errors in the .conf file due to typos.
    Also, if a firewall is locally present on your box, remember to allow the above specified port.
    Code:
    # Manually create the specified dir
    $ mkdir /var/log/router
    
    # Make sure the new file exists (this step may not be necessary)
    $ touch /var/log/router/router.log
    
    # Restart syslog-ng
    $ service syslog-ng restart
    [ ok ] Stopping system logging: syslog-ng.
    [ ok ] Starting system logging: syslog-ng.
    
    STEP 3 : Tomato setup
    Finally, point Tomato to save logs to the syslog server.
    Match settings from below under Administration -> Logging
    Change IP / Port to match your environment.

    At this point all logs from the router should show up on the remote system at the specified location.

    References:
    Below are some links I found helpful. It's also possible to set up filters using syslog-ng so you can split off logs to different files, i.e. (firewall.log, vpn.log, dhcp.log, etc.), or even log everything to a database like mysql or postgresql.
     
    Last edited: Jan 28, 2014
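
Added example, not part of the original post: a syslog-ng variant of the Step 2 configuration that does the per-service split mentioned under References and keeps only messages whose source address is the router, since a bare `udp(port(514))` listener writes whatever any host sends to it. The IP addresses, the program names (`dnsmasq-dhcp`, `openvpn`, `kernel`) and the `DROP` match string are assumptions; adjust them to what your router actually emits.

```conf
# Use in place of the s_router / d_router / log lines from Step 2
# (the names would clash if both sets were present).
# Constructed values: 192.168.1.10 = this log host, 192.168.1.1 = the router.

# Listen only on the LAN address instead of on every interface.
source s_router { udp(ip("192.168.1.10") port(514)); };

# Keep a message only when its source address is the router.
filter f_from_router { netmask("192.168.1.1/32"); };

# Per-service filters. Program names and the match string are assumptions.
filter f_dhcp     { program("dnsmasq-dhcp"); };
filter f_vpn      { program("openvpn"); };
filter f_firewall { program("kernel") and match("DROP" value("MESSAGE")); };

# create-dirs(yes) creates /var/log/router on first write;
# perm(0640) keeps the files from being world-readable.
destination d_dhcp     { file("/var/log/router/dhcp.log"     create-dirs(yes) perm(0640)); };
destination d_vpn      { file("/var/log/router/vpn.log"      create-dirs(yes) perm(0640)); };
destination d_firewall { file("/var/log/router/firewall.log" create-dirs(yes) perm(0640)); };
destination d_router   { file("/var/log/router/router.log"   create-dirs(yes) perm(0640)); };

# Specific paths first. flags(final) stops a matched message from also
# reaching the catch-all path at the bottom.
log { source(s_router); filter(f_from_router); filter(f_dhcp);
      destination(d_dhcp); flags(final); };
log { source(s_router); filter(f_from_router); filter(f_vpn);
      destination(d_vpn); flags(final); };
log { source(s_router); filter(f_from_router); filter(f_firewall);
      destination(d_firewall); flags(final); };

# Everything else the router sends.
log { source(s_router); filter(f_from_router); destination(d_router); };
```

Running `syslog-ng --syntax-only` before the restart catches typos in the file without interrupting logging.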