Differences
This shows you the differences between two versions of the page.
| docs:user-guide:services:log.syslog-ng3 [2018/02/17 19:28] – ↷ Page moved from doc:howto:log.syslog-ng3 to docs:user-guide:services:log.syslog-ng3 bobafetthotmail | docs:guide-user:perf_and_log:log.syslog-ng3 [2024/06/02 06:39] – [logread] stokito | ||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | ====== syslog-ng3 ====== | + | ====== syslog-ng ====== |
| ===== Installation ===== | ===== Installation ===== | ||
| - | < | + | ==== Replacing Default Logging with syslog-ng -- 2018 ==== |
| - | # opkg install | + | |
| - | </code> | + | As of February, 2019, version of syslog-ng in OpenWrt master is 3.19.1 |
| + | |||
| + | As of March, 2018, https:// | ||
| + | |||
| + | On '' | ||
| + | * Install '' | ||
| + | * Disable the default logging with ''/ | ||
| + | * Confirm that '' | ||
| + | * reboot | ||
| + | |||
| + | |||
| + | ---- | ||
| - | {{: | ||
| - | In Backfire | + | FIXME Much of the following appears to be from Backfire, |
| < | < | ||
| - | # opkg install | + | # opkg install |
| </ | </ | ||
| Line 19: | Line 29: | ||
| Configuration is controlled by ''/ | Configuration is controlled by ''/ | ||
| - | Below is a sample configuration for logging to a remote server via UDP (from http:// | + | Below is a sample configuration for logging to a remote server via TCP (extended |
| < | < | ||
| + | ############################################################################# | ||
| + | # OpenWrt syslog-ng.conf specific file | ||
| + | # which collects all local logs into a single file called / | ||
| + | # More details about these settings can be found here: | ||
| + | # https:// | ||
| + | |||
| + | @version: 3.19 | ||
| + | @include " | ||
| + | @include "/ | ||
| + | |||
| options { | options { | ||
| - | | + | chain_hostnames(no); # Enable or disable the chained hostname format. |
| - | sync(0); | + | create_dirs(yes); |
| - | stats(0); | + | keep_hostname(yes); |
| + | log_fifo_size(256); | ||
| + | log_msg_size(1024); | ||
| + | stats_freq(0); # The period between two STATS messages (sent by syslog-ng, containing statistics about dropped logs) in seconds. | ||
| + | flush_lines(0); # How many lines are flushed to a destination at a time. | ||
| + | use_fqdn(no); | ||
| }; | }; | ||
| - | source src { unix-stream("/ | + | filter notice_or_higher |
| - | source kernel { file("/ | + | level(notice..emerg) # remove debug and info message |
| - | + | }; | |
| - | destination messages { file("/ | + | |
| - | destination d_udp { udp(" | + | |
| + | # syslog-ng gets messages from syslog-ng (internal) and from /dev/log | ||
| + | source src { | ||
| + | internal(); | ||
| + | unix-dgram("/ | ||
| + | }; | ||
| + | source kernel { | ||
| + | file("/ | ||
| + | }; | ||
| + | source net { | ||
| + | tcp(ip(0.0.0.0) port(514)); | ||
| + | }; | ||
| + | destination messages { | ||
| + | file("/ | ||
| + | }; | ||
| + | destination syslogd_tcp { | ||
| + | tcp(" | ||
| + | }; | ||
| log { | log { | ||
| - | | + | |
| - | source(kernel); | + | source(kernel); |
| - | | + | |
| - | # | + | destination(messages); |
| + | destination(syslogd_tcp); | ||
| }; | }; | ||
| </ | </ | ||
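Review bot: The new sample's `source net { tcp(ip(0.0.0.0) port(514)); };` listens on every interface the firewall allows, and plain syslog over TCP carries no authentication or encryption, so any host that can reach port 514 could inject entries or fill the log. The page should say this source is only needed when the router itself collects logs from other devices, and show it bound to the LAN address, e.g. `tcp(ip(LAN_ADDRESS_PLACEHOLDER) port(514));`, or left out. The `syslogd_tcp` destination has the same caveat in the other direction: messages leave in cleartext, so a sentence saying the path to the collector must be trusted, or that a TLS transport should be used where the installed build supports it, would help. The listing's cells are truncated in this view, so whether `net` and the `notice_or_higher` filter are actually referenced in the `log` block cannot be confirmed from here.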
| Line 71: | Line 112: | ||
| # / | # / | ||
| </ | </ | ||
| + | |||
| + | |||
| + | ===== logread ===== | ||
| + | |||
| + | The logread is an interface to read log messages. | ||
| + | When the syslog-ng installed then the default OpenWrt '' | ||
| + | |||
| + | To show all log messages that contains a specific text (like a daemon name) and follow (like in tail -f) use: | ||
| + | <code bash> | ||
| + | logread -fe firewall | ||
| + | </ | ||
| + | |||
| + | The script has less options than the ubox logread: | ||
| + | < | ||
| + | -l < | ||
| + | -e < | ||
| + | -f | ||
| + | -h Print this help message | ||
| + | </ | ||
| + | |||