Sunday, March 17, 2013

MikroTik remote logging using Ubuntu 10.04 and rsyslog

Quick and easy setup for basic remote logging.

Ubuntu Setup

Uncomment these lines, since RouterOS sends log via UDP on port 514:
$ModLoad imudp
$UDPServerRun 514

Add line(s):
:fromhost-ip,isequal,"192.168.x.1" /var/log/mikrotik-Router1.log
:fromhost-ip,isequal,"192.168.x.2" /var/log/mikrotik-Router2.log

Restart the rsyslog service:
sudo service rsyslog restart

Various ways to view logs:
System Log Viewer (GUI)
Terminal: tail -f /var/log/mikrotik-Router1.log

* Don't forget to allow IP traffic through firewall

MikroTik Setup

Configure logging:

/system logging action
set 3 bsd-syslog=no name=remote remote=192.168.x.x remote-port=514 src-address= syslog-facility=daemon syslog-severity=auto target=remote
/system logging
add action=remote disabled=no prefix="" topics=!debug


Log rotation to keep log file sizes at a fixed size:

1 comment:

  1. Could not get this to work for me .. albeit im on 12.04 not really sure if that could be a difference between working and not..
