FireBrick Syslog: Difference between revisions

From AAISP Support Site
 
(5 intermediate revisions by 2 users not shown)
Line 1: Line 1:
[[File:2700-small.png|link=:Category:FireBrick]]

=Syslog setup=
=Syslog setup=
On a CentOS machine take these steps to get the FB to log to /var/log/local0
On a CentOS machine take these steps to get the FB to log to /var/log/local0
Line 17: Line 19:


==FireBrick Side==
==FireBrick Side==
You can do this via the web User Interface under:
Config -> Edit -> Setup -> Add (under Log target controls)


On the FireBrick, add/edit the syslog line as follows:
Via the XML editor, add/edit the syslog line as follows:
<syntaxhighlight>
<syntaxhighlight>

<syslog server="ip.of.your.server" severity="NOTICE" facility="LOCAL0"/>
<log name="Syslog">
<syslog server="ip.of.your.server" severity="NOTICE" facility="LOCAL0"/>
</log>
</syntaxhighlight>
</syntaxhighlight>


You can set the severity to log more (eg set to DEBUG), but then you'll get a log line every second! See the Docs for more info.
You can set the severity to log more (e.g. set to DEBUG), but then you'll get a log line every second! See the Docs for more info.


If you then tail /var/log/local0 you'll see log messages
If you then tail /var/log/local0 you'll see log messages




[[Category:FireBrick]]
[[Category:FireBrick|syslog]]

Latest revision as of 12:38, 4 September 2015

2700-small.png

Syslog setup

On a CentOS machine take these steps to get the FB to log to /var/log/local0

Server Side

  • Enable syslog to receive messages from the network:
    • in /etc/sysconfig/syslog, add -r to SYSLOGD_OPTIONS
  • Set up a syslog facility:
    • in /etc/syslog.conf add local0.* -/var/log/local0
  • Set up logrotate to process the log file (not essential, but useful):
    • in /etc/logrotate.d/syslog add /var/log/local? to the first line of files

restart syslog service

Windows

There are various syslog 'server' programs that will receive the syslog messages from the FireBrick and display/log it. One such program is available from www.boris.org.uk.

FireBrick Side

You can do this via the web User Interface under:

Config -> Edit -> Setup -> Add (under Log target controls)

Via the XML editor, add/edit the syslog line as follows:

   <log name="Syslog">
      <syslog server="ip.of.your.server" severity="NOTICE" facility="LOCAL0"/>
   </log>

You can set the severity to log more (e.g. set to DEBUG), but then you'll get a log line every second! See the Docs for more info.

If you then tail /var/log/local0 you'll see log messages