www.zeroshell.org Forum Index www.zeroshell.org
Linux Distribution for server and embedded devices
 
 SearchSearch  RegisterRegister  UsergroupsUsergroups 
 ProfileProfile  Log inLog in  Log in to check your private messagesPrivate Message 

Logging to Syslog Server

 
Post new topic   Reply to topic    www.zeroshell.org Forum Index -> ZeroShell
View previous topic :: View next topic  
Author Message
redtdi



Joined: 21 Nov 2008
Posts: 22

PostPosted: Fri May 01, 2009 11:54 am    Post subject: Logging to Syslog Server Reply with quote

Is it possible to log ZeroShell events to a remote syslog server?

Thanks,
Ken
Back to top
View user's profile Send private message
fulvio
Site Admin


Joined: 01 Nov 2006
Posts: 1072

PostPosted: Sat May 02, 2009 9:11 am    Post subject: Reply with quote

Zeroshell is able to act either as syslog collector for other hosts or syslog client. To configure the syslog daemon to send the messages to an external syslog server just use the link [Logs][Configure]:

- enable the flag [Send logs to remote Syslog];

- specify the [Remote Syslog IP].

Regards
Fulvio
Back to top
View user's profile Send private message Send e-mail
Dongl



Joined: 04 Apr 2015
Posts: 7

PostPosted: Sat Apr 04, 2015 8:27 pm    Post subject: Syslog troubles Reply with quote

Hello

I'm really new in this Forum and need Help to make a successfully configuration to Syslog the Proxy Log.

What I did is...javascript:emoticon('Exclamation')
HTTP Proxy / Proxy Log / Logviewer / Logmanager Setup
and make follow settings..
crossing / Send logs to remote Syslog / typ the IP of my Syslog Server.
Both devices are in the same Network-Range.

The Syslog Server runs on a Synology, and receive Logs from different devices.

My Version is ZS 3.3.2
Hope somebody has a Idea, to make me luky Wink

greetings
Dongl
Back to top
View user's profile Send private message
Dongl



Joined: 04 Apr 2015
Posts: 7

PostPosted: Thu Apr 16, 2015 4:49 pm    Post subject: Reply with quote

Not really big traffic at this Topic and forum ,....

Can anyone help me to get logs to my Synology Syslog Server?

I see on my Zeroshell some traffic over port 514 but my Synology receive nothing, if I test my Synology with another Clients, its works.
So please help me to find a Solution.

Dongl
Back to top
View user's profile Send private message
julowe



Joined: 17 Nov 2015
Posts: 1

PostPosted: Tue Nov 17, 2015 12:25 am    Post subject: Reply with quote

Dongl - I'm not familiar with synology syslog, but I was just toying with Zeroshell's syslog so thought I would add some info in case it helps you.

zeroshell's version of syslog does not seem able to send messages over tcp (haven't poked at enough yet to verify for sure), so that might be your problem. my system was initially only set to receive tcp.

also if possible run netcat on your synology server and see if any messages are coming through from zeroshell (or some other way to do packet sniffing on your network)

nc -lu -p 514

this showed that zeroshell was indeed broadcasting messages for me.
Back to top
View user's profile Send private message
Dongl



Joined: 04 Apr 2015
Posts: 7

PostPosted: Sat Oct 29, 2016 6:51 pm    Post subject: Still open this topic Reply with quote

Hallo again,

the Zeroshell is still running, but I have still Troubles with Syslog,

I can see in the CNTop Window follow entry:

udp 192.168.100.14 514 192.168.100.217 514 3.22 MB 0.00 B 18.35 Kb/s
at Connection Tracking:

dp 17 29 src=192.168.100.14 dst=192.168.100.217 sport=514 dport=514 packets=21038 bytes=4403927 [UNREPLIED] src=192.168.100.217 dst=192.168.100.14 sport=514 dport=514 packets=0 bytes=0 mark=0 use=1

zersoshell = 192.168.100.14
Syslog Server= 192.186.100.217

The Syslog Server is runing and receive logs from another devices as well.

Can anyone tell me which Setting I have to set?

best regard

Markus
Back to top
View user's profile Send private message
Dongl



Joined: 04 Apr 2015
Posts: 7

PostPosted: Sat Oct 29, 2016 7:27 pm    Post subject: Reply with quote

I think importand update....

If I check with wireshark at the Syslog Server, I didnt get any Syslog Package from Zeroshell.

So it Looks like that Zeroshell destroy the Syslog packets.

Has anyone a idea what I have to do?

BR
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    www.zeroshell.org Forum Index -> ZeroShell All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group