05 Mar 2008

A Quick Intro to syslog-ng

This is just a quick entry to point out a very nice, helpful, HOWTO-style guide on QuietEarth.us that goes through the process of setting up syslog-ng to receive remote log entries from another device on the local network.

In my case, as in the author’s, I wanted to send the logs produced by my gateway/router running OpenWRT to a Linux box with plenty of storage for later analysis. Although this can be done with the stock – and ancient – sysklogd, it’s as good an excuse as any to install syslog-ng, which is much more flexible. Installation on Ubuntu Dapper is painless, and with a few lines of configuration you can have your router’s (or other device’s) logs sent to a central machine, filtered, and logged into its own file.

I can vouch for the instructions in the article as working perfectly on Ubuntu 6.06.02 LTS and an OpenWRT router. (Enabling log transmission on the router requires enabling the syslogd service under the ‘Administration’ tab, ‘Services’ subtab.)

The logical continuation of this is to transmit logs not from two computers on a LAN using UDP, which is the standard method, but over the Internet using TCP – encrypted, of course. This article seems like just the thing, and I’ll probably be playing around with it more in the future.

This entry was converted from an older version of the site; if desired, it can be viewed in its original format.