Topic: send/store Cisco router logs on SME?

[Patrick Basile]

Hey everybody,

I'd like to send the router log from a Cisco 1720 to the SME V5 server and then store it for later viewing if needed.  Has anyone done this?  If so, how?  Is there a special application that I need to run on SME in order to allow the router to send the logs and store them?  Thanks.

Regards,
Patrick

[Filippo Carletti]

Logging to syslog from a cisco ?
Start syslogd with remote log (-r option) but check that e-smith ipchains let packets pass (port 514 udp)
On the cisco:
logging ip.of.your.server

[Patrick Basile]

Filippo,

Hey...long time no talk.  How are you?  Last I heard you were going to do some work on a new version of SARG...anything come of that?

As far as this - yes, I'm trying to place/store Cisco router logs on my SME server.  Forgive this newbie question, but is syslog already installed on SME by default?  Could you provide more specific details on the syslogd command?  I might need some help checking the IP chains rules, and then modifying them.

Thanks for your response - I appreciate it.

Regards,
Patrick

[Filippo Carletti]

sarg is on the way.

syslog is enabled but doesn't accept mesages from network
Modify /etc/rc.d/init.d/syslog line 27 add -r to the options
If port 514/upd is open ti should work.
Let us know.

[Patrick Basile]

Filippo,

Which of the lines below do I modify?

#---------------------------------------------------------------------------
# e-smith mod - listen to /dev/log socket in DNS chroot() jail
#       daemon syslogd -m 0
        daemon syslogd -m 0 -a /home/dns/dev/log
# e-smith mod end
#---------------------------------------------------------------------------

Thanks.

Patrick

[Filippo Carletti]

> Which of the lines below do I modify?
>         daemon syslogd -m 0 -a /home/dns/dev/log

Add -r before -m

I'm nearly sure you'll find port 514 filtered.