Collecting logs from remote machine
I'm setting up log collection from Asterisk on FreeBSD (10.1.34.30) to an OpenBSD machine (10.145.13.22).
The remote part (Asterisk, FreeBSD) is already configured. tcpdump (run on FreeBSD) shows that logs are sent from the FreeBSD machine to OpenBSD:
10:53:12.752395 IP 10.1.34.30.514 > 10.145.13.22.514: SYSLOG local0.notice, length: 144
10:53:37.288066 IP 10.1.34.30.514 > 10.145.13.22.514: SYSLOG local0.notice, length: 144
10:54:09.596454 IP 10.1.34.30.514 > 10.145.13.22.514: SYSLOG local0.notice, length: 144

# netstat -f inet -nla | grep 514
udp 0 0 *.514 *.*

# pfctl -sr
block drop all
pass all flags S/SA
block drop in on ! lo0 proto tcp from any to any port 6000:6010

The problem: where is the log stored?
There is no /var/log/syslog on OpenBSD. Creating it hasn't helped (the file remains empty).
'ps aux | grep syslog' shows two destinations, but they are also empty:
# ps aux | grep syslog
_syslogd 26787 0.0 0.0 428 732 ?? S 4:23PM 0:00.02 /usr/sbin/syslogd -a /var/www/dev/log -a /var/empty/dev/log
root 23392 0.0 0.0 420 756 ?? Is 4:23PM 0:00.00 syslogd: [priv] (syslogd)
root 31053 0.0 0.0 492 724 p0 S+ 5:02PM 0:00.00 grep syslog

So, the logs are sent successfully. I just need to catch them, and I wonder how that could be done.