- This topic is empty.
May 1, 2009 at 11:54 am #41657redtdiMember
Is it possible to log ZeroShell events to a remote syslog server?
KenMay 2, 2009 at 9:11 am #48057imported_fulvioParticipant
Zeroshell is able to act either as syslog collector for other hosts or syslog client. To configure the syslog daemon to send the messages to an external syslog server just use the link [Logs][Configure]:
– enable the flag [Send logs to remote Syslog];
– specify the [Remote Syslog IP].
FulvioApril 4, 2015 at 8:27 pm #48058
I’m really new in this Forum and need Help to make a successfully configuration to Syslog the Proxy Log.
HTTP Proxy / Proxy Log / Logviewer / Logmanager Setup
and make follow settings..
crossing / Send logs to remote Syslog / typ the IP of my Syslog Server.
Both devices are in the same Network-Range.
The Syslog Server runs on a Synology, and receive Logs from different devices.
My Version is ZS 3.3.2
Hope somebody has a Idea, to make me luky 😉
DonglApril 16, 2015 at 4:49 pm #48059
Not really big traffic at this Topic and forum ,….
Can anyone help me to get logs to my Synology Syslog Server?
I see on my Zeroshell some traffic over port 514 but my Synology receive nothing, if I test my Synology with another Clients, its works.
So please help me to find a Solution.
DonglNovember 17, 2015 at 12:25 am #48060juloweParticipant
Dongl – I’m not familiar with synology syslog, but I was just toying with Zeroshell’s syslog so thought I would add some info in case it helps you.
zeroshell’s version of syslog does not seem able to send messages over tcp (haven’t poked at enough yet to verify for sure), so that might be your problem. my system was initially only set to receive tcp.
also if possible run netcat on your synology server and see if any messages are coming through from zeroshell (or some other way to do packet sniffing on your network)
nc -lu -p 514
this showed that zeroshell was indeed broadcasting messages for me.October 29, 2016 at 6:51 pm #48061
the Zeroshell is still running, but I have still Troubles with Syslog,
I can see in the CNTop Window follow entry:
udp 192.168.100.14 514 192.168.100.217 514 3.22 MB 0.00 B 18.35 Kb/s
at Connection Tracking:
dp 17 29 src=192.168.100.14 dst=192.168.100.217 sport=514 dport=514 packets=21038 bytes=4403927 [UNREPLIED] src=192.168.100.217 dst=192.168.100.14 sport=514 dport=514 packets=0 bytes=0 mark=0 use=1
zersoshell = 192.168.100.14
Syslog Server= 188.8.131.52
The Syslog Server is runing and receive logs from another devices as well.
Can anyone tell me which Setting I have to set?
MarkusOctober 29, 2016 at 7:27 pm #48062
I think importand update….
If I check with wireshark at the Syslog Server, I didnt get any Syslog Package from Zeroshell.
So it Looks like that Zeroshell destroy the Syslog packets.
Has anyone a idea what I have to do?
- You must be logged in to reply to this topic.