FireBrick Syslog: Difference between revisions
Revision as of 09:41, 25 March 2015
Syslog setup
On a CentOS machine, take these steps to get the FireBrick to log to /var/log/local0:
Server Side
- Enable syslog to receive messages from the network:
  - In /etc/sysconfig/syslog, add -r to SYSLOGD_OPTIONS
- Set up a syslog facility:
  - In /etc/syslog.conf, add: local0.* -/var/log/local0
- Set up logrotate to process the log file (not essential, but useful):
  - In /etc/logrotate.d/syslog, add /var/log/local? to the first line of files
- Restart the syslog service
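An added example (not part of the original wiki page): a shell check that the three server-side edits above are in place. The function names and the ROOT argument are assumptions of this sketch, and the sample files it builds are constructed, not real system configuration.

```shell
#!/bin/sh
# Added example: audits the three server-side edits listed above.
# The ROOT argument is an assumption of this sketch: it lets the check run
# against a copy of /etc or the constructed sample tree below.

check() {                      # check DESCRIPTION COMMAND [ARGS...]
    desc=$1; shift
    if "$@" >/dev/null 2>&1; then
        echo "ok    $desc"
    else
        echo "FAIL  $desc"; fail=$((fail + 1))
    fi
}

first_line_has() {             # first_line_has STRING FILE
    head -n 1 "$2" 2>/dev/null | grep -Fq -- "$1"
}

check_fb_syslog() {            # check_fb_syslog [ROOT]; status 0 if all pass
    root=${1:-}; fail=0
    # 1. -r must appear as its own flag in SYSLOGD_OPTIONS
    check "syslogd receives from the network (-r)" \
        grep -Eq '^SYSLOGD_OPTIONS.*[^[:alnum:]-]-r([^[:alnum:]]|$)' \
        "$root/etc/sysconfig/syslog"
    # 2. local0.* must be routed to /var/log/local0 (leading '-' optional)
    check "local0.* goes to /var/log/local0" \
        grep -Eq '^local0\.\*[[:space:]]+-?/var/log/local0[[:space:]]*$' \
        "$root/etc/syslog.conf"
    # 3. the logrotate file list (first line) must include /var/log/local?
    check "logrotate covers /var/log/local?" \
        first_line_has '/var/log/local?' "$root/etc/logrotate.d/syslog"
    [ "$fail" -eq 0 ]
}

make_sample() {                # constructed files, not real system config
    mkdir -p "$1/etc/sysconfig" "$1/etc/logrotate.d"
    echo 'SYSLOGD_OPTIONS="-m 0 -r"' > "$1/etc/sysconfig/syslog"
    printf '%s\n' '*.info;mail.none /var/log/messages' \
        'local0.* -/var/log/local0' > "$1/etc/syslog.conf"
    printf '%s\n' '/var/log/messages /var/log/secure /var/log/local? {' \
        '    sharedscripts' '}' > "$1/etc/logrotate.d/syslog"
}

demo=$(mktemp -d)
make_sample "$demo"
check_fb_syslog "$demo"        # use: check_fb_syslog ""  for the live /etc
rm -rf "$demo"
```

The -r option makes syslogd accept syslog messages on UDP port 514 from any host, so limit that port to the FireBrick's address in the server's firewall.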
Windows
There are various syslog 'server' programs that will receive the syslog messages from the FireBrick and display/log them. One such program is available from www.boris.org.uk.
FireBrick Side
On the FireBrick, add/edit the syslog line as follows:
<syslog server="ip.of.your.server" severity="NOTICE" facility="LOCAL0"/>
You can set the severity to log more (e.g. set to DEBUG), but then you'll get a log line every second! See the Docs for more info.
If you then tail /var/log/local0, you'll see log messages.