How to transfer the complete Linux log from a DAL device to a syslog server

Many Digi routers and network infrastructure devices are running the Digi Accelerated Linux (DAL) operating system.

In this system you can configure (several) external syslog server(s) to receive notification for Events happening in the system. You may filter these by Event categories.

You might notice that the system log available from the web interface (which is a complete Linux /var/log/messages) contains much more information, like kernel messages from loaded drivers, warnings or error messages which are not counted to the Event categories typically considered to be transferred to syslog servers.

Since these messages are raw printed by the kernel and not counted as Events, they are not selected to be transmitted to the syslog server(s).

To workaround this, you may configure a custom script which is transmitting all kernel messages to the syslog server as explained below:

Open System > Configuration > Device Configuration. Select System > Log > Server list

to add your syslog servers. In System > Scheduled tasks, select Custom scripts and add a custom script named e.g. "all_system_logs_to_remote_server". Enable the script, let it run in "Interval" mode e.g. every one hour and select "Run single". See the example below:

systemConfigWithCustomScript

Find the source code of the script to be copied into the "Commands" field atttached:

all_system_logs_to_remote_server.txt

see the full source code of the script furher below. Don't forget to hit the "APPLY" button to save your script and settings in the web interface.

This script will override the Event categories filtering. If you would like to filter out any messages you would need to program/code this into the script itself.

 


#!/bin/sh
# Start syslogd

#exec 2>/dev/console
#set -x

SYSLOG_CONF=/var/run/syslog.conf
syslog_servers="$(config dump system.log.remote | grep 'server=' | cut -f2 -d'=')"
syslog_update_needed=0

for i in $syslog_servers; do
  grep -q "$i" $SYSLOG_CONF || syslog_update_needed=1
done

if [ "$syslog_update_needed" = '1' ]; then
	kill $(cat /var/run/syslogd.pid)
	echo "*.* -/var/log/messages" > ${SYSLOG_CONF}
	for i in $syslog_servers; do
		echo "*.* @$i" >> ${SYSLOG_CONF}
	done
	/usr/sbin/syslogd -f "${SYSLOG_CONF}"
fi

exit 0
Last updated: Jan 01, 2024

Recently Viewed

No recently viewed articles

Did you find this article helpful?