Showing posts with label syslog. Show all posts
Showing posts with label syslog. Show all posts

Sunday, March 17, 2013

MikroTik remote logging using Ubuntu 10.04 and rsyslog

Quick and easy setup for basic remote logging.


Ubuntu Setup



/etc/rsyslog.conf
Uncomment these lines, since RouterOS sends log via UDP on port 514:
$ModLoad imudp
$UDPServerRun 514

/etc/rsyslog.d/50-default.conf
Add line(s):
:fromhost-ip,isequal,"192.168.x.1" /var/log/mikrotik-Router1.log
:fromhost-ip,isequal,"192.168.x.2" /var/log/mikrotik-Router2.log

Restart the rsyslog service:
sudo service rsyslog restart

Various ways to view logs:
System Log Viewer (GUI)
Terminal: tail -f /var/log/mikrotik-Router1.log

* Don't forget to allow IP traffic through firewall


MikroTik Setup


Configure logging:

/system logging action
set 3 bsd-syslog=no name=remote remote=192.168.x.x remote-port=514 src-address=0.0.0.0 syslog-facility=daemon syslog-severity=auto target=remote
/system logging
add action=remote disabled=no prefix="" topics=!debug


Other


Log rotation to keep log file sizes at a fixed size:
http://www.rsyslog.com/doc/log_rotation_fix_size.html
Posted by random tweaks at 10:58 PM 1 comments
Labels: , , , ,
Subscribe to: Posts (Atom)