Remote MikroTik Log to FreeBSD syslogd

By : Hendy Joe Sebenarnya ada banyak tool untuk log mikrotik, mikrotik sendiri menyediakan MT_Syslog  running di windows, atau yang berbayar...

By : Hendy Joe
Sebenarnya ada banyak tool untuk log mikrotik, mikrotik sendiri menyediakanMT_Syslog running di windows, atau yang berbayar seperti kiwisyslog, untuk keluarga *nix anda bisa menggunakan syslog-ng,
yang bisa dikombinasikan dengan mysql sehingga controlling log dapat dilakukan dengan rapi & mudah, tapi perlu diingat mysql “rakus” memory, untuk hardware all in one service & dengan memory pas²an not recomended lah, nah alternative lainnya adalah menggunakan syslogd, yang emank udah running di freebsd, let’s we start!
NOTE :  MikroTik Handle seluruh urusan routing, FreeBSD di posisikan sejajar MikroTik & diberlakukan static route!
# ip freebsd server : 192.168.2.1
# defaultrouter : 192.168.2.2
masuk freebsd console »
edit /etc/syslog.conf salin dan tambahkan »
!*
+192.168.2.2
local0.* /var/log/mikrotik.log
penting, agar log tidak melakukan double write ke /var/log/messages
tambahkan local0.none di baris /var/log/messages, seperti ini contohnya »
*.notice;local0.none;authpriv.none;kern.debug;lpr.info;mail.crit;news.err /var/log/messages
next, edit & tambahkan di /etc/rc.conf
syslogd_enable=”YES”
syslogd_flags=”-a 192.168.2.0/30:* -vv”
masuk ke dir /var/log
create »
# touch mikrotik.log
# chmod 600 mikrotik.log
and then restart syslogd anda
# /etc/rc.d/syslogd restart
enough! sekarang beralih ke winbox atau console mikrotik.
/system logging
add action=remote disabled=no prefix=”" topics=info
add action=remote disabled=no prefix=”" topics=error
add action=remote disabled=no prefix=”" topics=warning
add action=echo disabled=no prefix=”" topics=critical
add action=remote disabled=no prefix=”" topics=firewall
and last »
/system logging action
set remote bsd-syslog=yes name=remote remote=192.168.2.1:514 src-address=0.0.0.0 syslog-facility=local0 syslog-severity=auto target=remote
kalo udah semua, and step² nya bener, hasilnya gini »
[root@bsdbox ~]# tail -f /var/log/mikrotik.log
May 9 08:44:42 192.168.2.2 MikroTik user admin logged out from 192.168.0.100 via winbox
May 9 08:45:52 192.168.2.2 MikroTik user admin logged in from 192.168.0.100 via winbox
May 9 08:46:50 192.168.2.2 MikroTik simple queue changed by admin
May 9 08:49:06 192.168.2.2 MikroTik simple queue changed by admin
May 9 08:51:09 192.168.2.2 last message repeated 10 times
May 9 08:54:37 192.168.2.2 MikroTik user admin logged out from 192.168.0.100 via winbox
May 9 08:57:05 192.168.2.2 MikroTik user admin logged in from 192.168.0.100 via winbox
May 9 09:01:45 192.168.2.2 MikroTik nat rule changed by admin
May 9 10:18:10 192.168.2.2 MikroTik user admin logged in from 192.168.0.100 via ssh
May 9 10:53:56 192.168.2.2 MikroTik dhcp1 assigned 192.168.5.6 to 00:25:D0:09:C0:05
Tips : biar log gak “menggunung” , masuk ke /etc/newsyslog.conf & tambahkan »
/var/log/mikrotik.log 600 5 * @T00 JC
:: soal newsyslog next article.. (kalo gak males :D )

COMMENTS

Name

Application Support,19,database server,1,Desktop/XWindow,1,DNS Server,2,Email Server,3,Firewall,1,FTP Server,2,General,2,IPFilter,1,Kernel,2,Networking,8,Proxy Server,4,Security,6,Tips and Trick,5,Web Server,2,
ltr
item
IndoFreeBSD: Remote MikroTik Log to FreeBSD syslogd
Remote MikroTik Log to FreeBSD syslogd
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiIczb2bmm6Mhq5D6mKbAq23L5EM8yeLrBl6t4Lj2xoZSNkKxAym52sVmn7FVvegh_hrInMlAGTzQZGMAbSIpN1maG6dP9rVlH8fEZ1IYwk4-NgN2tile5_KUvmgWWBxahaZ_qtIW8Os8G2/s1600/syslog.gif
https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiIczb2bmm6Mhq5D6mKbAq23L5EM8yeLrBl6t4Lj2xoZSNkKxAym52sVmn7FVvegh_hrInMlAGTzQZGMAbSIpN1maG6dP9rVlH8fEZ1IYwk4-NgN2tile5_KUvmgWWBxahaZ_qtIW8Os8G2/s72-c/syslog.gif
IndoFreeBSD
https://www.indofreebsd.or.id/2015/02/remote-mikrotik-log-to-freebsd-syslogd.html
https://www.indofreebsd.or.id/
http://www.indofreebsd.or.id/
http://www.indofreebsd.or.id/2015/02/remote-mikrotik-log-to-freebsd-syslogd.html
true
1901051463523757307
UTF-8
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share to a social network STEP 2: Click the link on your social network Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy Table of Content