Tag Archives: remote

OpenWRT syslog-ng Installation

When I went to process my remote firewall log output from OpenWRT, I noticed that the entries were truncated.  A quick check with tcpdump indicated that the syslog packets were truncated to 256 characters.  As syslogd and klogd are both provided by BusyBox, I decided to replace them both.  The obvious solution was to replace them with syslog-ng.  opkg indicated that it was available, so installation was simple.

Unfortunately, configuration is not yet automated.   A default configuration file is provided in /etc/syslog-ng.   This simply logs to /var/log/messages.  It also assumes that klogd is active.  After some research and experimentation, I came up with a configuration. It can provide a local log in /var/log/messages. More importantly it provides complete firewall log entries to the remote server. Continue reading