Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Next revisionBoth sides next revision
docs:guide-user:perf_and_log:log.syslog-ng3 [2018/03/16 21:24] – [Installation] --Backfire-era instruction jeffdocs:guide-user:perf_and_log:log.syslog-ng3 [2018/09/18 18:15] – [Replacing Default Logging with syslog-ng -- 2018] jeff
Line 1: Line 1:
-====== syslog-ng3 ======+====== syslog-ng ======
  
 ===== Installation ===== ===== Installation =====
 +
 +
 +==== Replacing Default Logging with syslog-ng -- 2018 ====
 +
 +
 +As of March, 2018, https://openwrt.org/packages/pkgdata/syslog-ng is version 3.8.1
 +
 +As of July, 2018, version 3.16 is being supplied. Restart of ''syslog-ng'' may give the self-explanatory log message
 +
 +  WARNING: Configuration file format is too old, syslog-ng is running in compatibility mode. 
 +  Please update it to use the syslog-ng 3.16 format at your time of convenience. 
 +  To upgrade the configuration, please review the warnings about incompatible changes printed by syslog-ng, 
 +  and once completed change the @version header at the top of the configuration file.;
 +
 +
 +On ''master'' of April, 2018, the following steps will replace the default OpenWRT logging with ''syslog-ng''
 +  * Install ''syslog-ng'' and its dependencies
 +  * Disable the default logging with ''/etc/init.d/log disable'' or by removing the symlink in ''/etc/rc.d''
 +  * Confirm that ''syslog-ng'' is enabled; ''/etc/rc.d/S20syslog-ng -> ../init.d/syslog-ng''
 +  * reboot
 +
 +
 +----
  
  
Line 18: Line 41:
 </code> </code>
  
- 
----- 
- 
-As of March, 2018, https://openwrt.org/packages/pkgdata/syslog-ng is version 3.8.1 
 ===== Configuration ===== ===== Configuration =====
  
 Configuration is controlled by ''/etc/syslog-ng.conf'' The default configuration logs to ''/var/log/messages''. Configuration is controlled by ''/etc/syslog-ng.conf'' The default configuration logs to ''/var/log/messages''.
  
-Below is a sample configuration for logging to a remote server via UDP (from http://www.systemajik.com/blog/openwrt-syslog-ng-installation/):+Below is a sample configuration for logging to a remote server via TCP (extended from default config file):
  
 <code> <code>
 +@version:3.9
 options { options {
-    chain_hostnames(off); +        chain_hostnames(no); 
-    sync(0); +        create_dirs(yes); 
-    stats(0);+        flush_lines(0); 
 +        keep_hostname(yes); 
 +        log_fifo_size(256); 
 +        log_msg_size(8192); 
 +        stats_freq(0); 
 +        flush_lines(0); 
 +        use_fqdn(no); 
 +        # Do not add "--MARK--" entries to the log 
 +        mark_freq(0); 
 +}; 
 +filter notice_or_higher { 
 +        level(notice..emerg)  # remove debug and info message 
 +}; 
 +source src { 
 +        internal(); 
 +        unix-dgram("/dev/log"); 
 +}; 
 +source kernel { 
 +        file("/proc/kmsg" program_override("kernel")); 
 +}; 
 +source net { 
 +        tcp(ip(0.0.0.0) port(514)); 
 +}; 
 +destination messages { 
 +        file("/var/log/messages"); 
 +}; 
 +destination syslogd_tcp { 
 +        tcp("syslog." port(514));    # hostname is syslog, replace with your own loghost name or IP
 }; };
- 
-source src { unix-stream("/dlog"); internal(); }; 
-source kernel { file("/proc/kmsg" log_prefix("kernel: ")); }; 
- 
-destination messages { file("/var/log/messages" log_fifo_size(256)); }; 
-destination d_udp { udp("192.168.10.2" port(514)); }; 
- 
 log { log {
-    source(src); +        source(src); 
-    source(kernel); +        source(kernel); 
-    destination(d_udp); +        filter(notice_or_higher); 
-#    destination(messages);+        destination(messages); 
 +        destination(syslogd_tcp);
 }; };
 +# put any customization files in this directory
 +@include "/etc/syslog-ng.d/
 </code> </code>
  
  • Last modified: 2024/06/02 06:40
  • by stokito