Author Topic: Menyimpan Log Mikrotik Router ke Remot SYSLOG server ClearOS 5.2  (Read 2592 times)

0 Members and 1 Guest are viewing this topic.

Offline br4vo

  • Baru Gabung
  • *
  • Posts: 30
  • ilove myself
    • View Profile
Menyimpan Log Mikrotik Router ke Remot SYSLOG server ClearOS 5.2
« on: Sunday, 08 April 2012, 01:29:37 »
#IP router mikrotik 172.16.0.1 (sesuaikan )
#ip server log 10.4.40.4 (sesuaikan)


1.Konfigurasi Router Mikrotik
Code: [Select]
/system logging action
set remote bsd-syslog=yes name=remote remote=10.4.40.4 remote-port=514 src-address=0.0.0.0 syslog-facility=local0 syslog-severity=auto target=remote
/system logging
add action=remote disabled=no prefix="" topics=!async




2.Konfigurasi ClearOS 5.2 server.
tidak perlu menginstall syslogd karena sudah ada di ClearOS 5.2
edit nano /etc/sysconfig/syslog (saya klo edit suka pake nano)

Tambahkan "-r" di variable SYSLOGD_OPTIONS
seperti ini,
Code: [Select]
[root@proxy ~]# cat /etc/sysconfig/syslog
# Options to syslogd
# -m 0 disables 'MARK' messages.
# -r enables logging from remote machines
# -x disables DNS lookups on messages recieved with -r
# See syslogd(8) for more details
SYSLOGD_OPTIONS="-r -m 0"
# Options to klogd
# -2 prints all kernel oops messages twice; once for klogd to decode, and
#    once for processing with 'ksymoops'
# -x disables all klogd processing of oops messages entirely
# See klogd(8) for more details
KLOGD_OPTIONS="-c 1 -2"
#
SYSLOG_UMASK=077
# set this to a umask value to use for all log files as in umask(1).
# By default, all permissions are removed for "group" and "other".
[root@proxy ~]#

Restart the syslog service.
Code: [Select]
[root@proxy ~]# service syslog restart
Shutting down kernel logger:                               [  OK  ]
Shutting down system logger:                               [  OK  ]
Starting system logger:                                    [  OK  ]
Starting kernel logger:                                    [  OK  ]
[root@proxy ~]#

Konfigurasi Client Mesin (disini ip router saya 172.16.0.1)
nano /etc/syslog.conf
tambahkan,
Code: [Select]
local0.*
*.* 172.16.0.1

setelah ditambahkan ip router seperti ini di /etc/syslog.conf
Code: [Select]
[root@proxy ~]# cat /etc/syslog.conf
# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.*                                                 /dev/console

# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none;local6.none;local5.none;local0.* /var/log/messages
*.* @172.16.0.1
# The authpriv file has restricted access.
authpriv.*                                              /var/log/secure

# Log all the mail messages in one place.
mail.*                                                  -/var/log/maillog


# Log cron stuff
cron.*                                                  /var/log/cron

# Everybody gets emergency messages
*.emerg                                                 *

# Save news errors of level crit and higher in a special file.
uucp,news.crit                                          /var/log/spooler

# Save boot messages also to boot.log
local7.*                                                /var/log/boot.log
local6.*                        /var/log/system
local5.*                        /var/log/compliance
local0.*                        /var/log/suva

[root@proxy ~]#

Restart the service
Code: [Select]
[root@proxy ~]# service syslog restart
Shutting down kernel logger:                               [  OK  ]
Shutting down system logger:                               [  OK  ]
Starting system logger:                                    [  OK  ]
Starting kernel logger:                                    [  OK  ]
[root@proxy ~]#

Buka terminal ClearOS  lihat /var/log/messages dan restart syslog service dirouter. anda akan melihat log router mikrotik anda  di terminal server ClearOS 5.2.
seperti ini log Router saya di terminal ClearOS 5.2 server,




semoga bisa bermanfaat

sumber artikel :
http://google.com
http://www.linuxhelp.in/2010/10/how-to-configure-syslog-server-or.html
« Last Edit: Sunday, 08 April 2012, 01:35:42 by br4vo »
 

Hello Guest! Replies in this topic have been hidden from view. You are currently missing 3 replies. Please register or login if you want to view the replies.