Setup Remote Logging on an Ubuntu rsyslog Server for DD-WRT to Use
Wednesday, June 9th, 2021Setup Remote Logging on an Ubuntu rsyslog Server for DD-WRT to Use
Enable remote logging on an Ubuntu server by configuring rsyslog to allow remote connections from port 514 (adjust as needed):
sudo nano /etc/rsyslog.conf
Uncomment the imudp and imtcp load module statements like so (adjusting as needed):
# provides UDP syslog reception module(load="imudp") input(type="imudp" port="514") # provides TCP syslog reception module(load="imtcp") input(type="imtcp" port="514")
Create a logging template and apply it only to remote hosts that start with "c-" (comcast connection remote host prefix [followed by the IP address of the device which can change])
# Comcast remote logging $template remote-incoming-logs, "/var/log/remote_logs/%HOSTNAME%/%PROGRAMNAME%.$ if $fromhost startswith "c-" then -?remote-incoming-logs
Save and quit.
Restart the rsyslog daemon:
sudo service rsyslog restart
Remote logs will be stored in /var/log/remote_logs
Configure logrotate to process and rotate these logs automatically (so you don't lose them and have a history on them):
sudo nano /etc/logrotate.d/ddwrt
Paste these contents into the file:
/var/log/remote_logs/*.log /var/log/remote_logs/*/*.log { daily missingok compress delaycompress su syslog adm }
Save and quit.
Everything has been configured, and remote logging should work from your DD-WRT router once you set the remote URL to your server's IPAddress:port combo and apply the changed settings.