ubuntu16.04 monitor openwrt syslog
Table of Contents
1 rsyslog info
- rsyslog can work as server collecting other devices' syslog
- rsyslog can work as client transferring self log to server
2 server config
We use ubuntu16.04 as the server.
2.1 modify rsyslog config
sudo vi /etc/rsyslog.conf
enable udp and tcp monitor:
# provides UDP syslog reception module(load="imudp") input(type="imudp" port="514") # provides TCP syslog reception module(load="imtcp") input(type="imtcp" port="514")
also put the code model below before `GLOBAL DIRECTIVES'
$template IpTemplate,"/var/log/%FROMHOST-IP%.log" *.* ?IpTemplate & ~
If log received from 192.168.1.104, then log file will be:
/var/log/192.168.1.104.log
2.2 restart rsyslog
sudo service rsyslog restart
3 client config
We use openwrt as the client now. Openwrt support logread and it's included in `package/system/ubox'.
3.1 modify openwrt config
change /etc/config/system as below:
config system
option log_port '514'
option log_priority 'LOG_NOTICE'
option log_remote '1'
option log_ip '192.168.1.107'
3.2 restart openwrt logread
/etc/init.d/log restart
4 test
Make sure we can ping through the server and client.
check the client log in server now:
$ tail -f /var/log/192.168.1.104.log