How to get klog output send to remote syslog server

Post new topic   Reply to topic    DD-WRT Forum Index -> General Questions
Author Message
Rickers
DD-WRT User


Joined: 10 May 2015
Posts: 106

PostPosted: Thu Aug 18, 2022 20:08    Post subject: How to get klog output send to remote syslog server Reply with quote
Hi,
I turned on syslog, klog, and firewall logging and can see the firewall messages in /var/log/messages.

But, they don't get sent to my remote logging console (the syslog messages do get sent).

Is there a way to get these klog messages sent as well to the remote?

Regards, Rick
Build 49741 on WRT1900ACv1
Sponsor
Alozaros
DD-WRT Guru


Joined: 16 Nov 2015
Posts: 6409
Location: UK, London, just across the river..

PostPosted: Fri Aug 19, 2022 9:19    Post subject: Reply with quote
https://wiki.dd-wrt.com/wiki/index.php/Logs

i use 'syslog server' pointed to one of my local PC IP

i do get all the messages...usually ...

but, if you select firewall messages to medium or high syslog will be flooded...

_________________
Atheros
TP-Link WR740Nv1 ---DD-WRT 55179 WAP
TP-Link WR1043NDv2 -DD-WRT 55303 Gateway/DoT,Forced DNS,Ad-Block,Firewall,x4VLAN,VPN
TP-Link WR1043NDv2 -Gargoyle OS 1.15.x AP,DNS,QoS,Quotas
Qualcomm-Atheros
Netgear XR500 --DD-WRT 55460 Gateway/DoH,Forced DNS,AP Isolation,4VLAN,Ad-Block,Firewall,Vanilla
Netgear R7800 --DD-WRT 55460 Gateway/DoT,AD-Block,Forced DNS,AP&Net Isolation,x3VLAN,Firewall,Vanilla
Netgear R9000 --DD-WRT 55363 Gateway/DoT,AD-Block,AP Isolation,Firewall,Forced DNS,x2VLAN,Vanilla
Broadcom
Netgear R7000 --DD-WRT 55460 Gateway/SmartDNS/DoH,AD-Block,Firewall,Forced DNS,x3VLAN,VPN
NOT USING 5Ghz ANYWHERE
------------------------------------------------------
Stubby DNS over TLS I DNSCrypt v2 by mac913
Rickers
DD-WRT User


Joined: 10 May 2015
Posts: 106

PostPosted: Sat Aug 20, 2022 5:36    Post subject: Reply with quote
Alozaros wrote:
https://wiki.dd-wrt.com/wiki/index.php/Logs

i use 'syslog server' pointed to one of my local PC IP

i do get all the messages...usually ...

but, if you select firewall messages to medium or high syslog will be flooded...

Those instructions don't mention you need to enable klogd separately. My issue is that the klogd/firewall messages only appear in /var/log/messages. They don't get sent to the remote IP (via syslog I'm guessing?).

If I, say, drop the VPN and bring it back up, the related messages for that do get sent to my remote listener (I'm just using netcat listening on UDP port 514 just to play around with this).

Can you confirm if you're getting firewall message sent to the remote IP with the latest build?
Regards, Rick
Rickers
DD-WRT User


Joined: 10 May 2015
Posts: 106

PostPosted: Sat Aug 20, 2022 6:41    Post subject: Reply with quote
I got this to work on 49741. I had to reset to Factory Defaults and reapply my config manually.

However, I get a ton of ACCEPT message for UDP port 514 which is the logging itself...any clue how to stop that?

-Rick
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> General Questions All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum