We use cookies to help us improve our webpage. Please read our Cookie Policy .

NAS 272

Using Your NAS as a Syslog Server

Enable your NAS as a Syslog Server to centrally manage the logs from all network devices

2017-11-22

COURSE OBJECTIVES
Upon completion of this course you should be able to:
1. Use your NAS as a Syslog Server to centrally collect and manage all logs from syslog-compliant network devices.

PREQUISITES
Course Prerequisites:
None
Students are expected to have a working knowledge of:

N/A


OUTLINE
1. Configuring Syslog Server
2. Configuring Syslog Client
3. Managing Syslog Server
3.1 Overview
3.2 Log
3.3 Archive
3.4 Notification



1. Configuring Syslog Server

In the following example, we will configure ASUSTOR NAS’s Syslog Server.

Before you begin, log in to ADM from your web browser and then search for and install [Syslog Server] from [App Central].


When the installation is finished, click on the [Syslog Server ] icon in ADM to access it.


STEP 1

Select [Settings] from the left panel, check the [Enable Syslog Server] option and choose [Enable TCP] or [Enable UDP], then click [Apply].



Note:
1. All syslog-compliant clients can send logs via UDP protocol, but not all syslog clients support TCP transmission. Thus, after you specify the receiving protocol (TCP/UDP) on Syslog Server, please make sure that all syslog clients can use the same protocol to transmit logs.
2. The default port number for Syslog protocol is 514. If you change the port number on Syslog Server, please use the same port on the client side.
3. ASUSTOR Syslog Server supports TCP encrypted transmission via SSL. If you enable SSL for TCP receiving on Syslog Server, please click the [Export] button below to save the SSL certificate to your local PC, and import it to all Syslog clients.
4. If there are multiple Syslog Servers in the same local network, please do not configure them in a loop. For example, devices A, B, C are running Syslog Server and Syslog Client simultaneously. If the syslog route is defined as AèBèCèA
, then it is a loop. The messages will be repeatedly transmitted in a loop, which could then crash the entire LAN.


STEP 2

Switch to the [Filter] tab and click the [Add] button to create filters. Syslog Server will only receive and save logs that match the specified criteria.



Facility: The parameters below are provided according to RFC 3164:

Value

Description

auth

authorization messages

authpriv

Non-system authorization messages

cron

scheduling daemon

daemon

system daemons

ftp

FTP daemon

kern

kernel messages

lpr

line printer subsystem

mail

mail system

news

network news subsystem

security

security messages

syslog

messages generated internally by syslogd

user

user-level messages

uucp

UUCP subsystem

local0

local use 0 (local0)

local1

local use 1 (local1)

local2

local use 2 (local2)

local3

local use 3 (local3)

local4

local use 4 (local4)

local5

local use 5 (local5)

local6

local use 6 (local6)

local7

local use 7 (local7)


Severity: The parameters below are provided according to RFC 3164:

Value

Description

Emerg

System is unusable

Alert

Action must be taken immediately

Crit

Critical conditions

Err

Error conditions

Warning

Warning conditions

Notice

Normal but significant condition

Info

Informational messages

Debug

Debug messages


2. Configuring Syslog Client

In the following example, we will configure ASUSTOR NAS as a syslog client. As to the syslog client settings of other network devices, please refer to their user manuals.


STEP 1

Click [System Information] on ADM, select the [Log] tab and click the [Syslog] button.



STEP 2

Check the [Enable Syslog Client] option, then enter the Syslog Server IP, protocol type and port number. Select the log type and level that you want to send to the Syslog Sever, then click [OK].



Note: If there are multiple Syslog Servers in the same local network, please do not configure them in a loop.


3. Managing Syslog Server
3.1 Overview
There are 3 types of graphical interfaces that allow managers to quickly view the number and the distribution of logs.

3.2 Log

You can view all the received logs here.



Export: You can select the export file format (HTML or CSV) here.

Most recent log: Use this button to switch among recent log and archived logs.
Clear: Use this button to clear all recent logs.

Advanced Search: Here you can define the search conditions (keyword, device, level, facility, time period, program name) to view specific logs.




3.3 Archive



Save to: Here you can specify the folder to save archived logs in.

Log name and format: You can define the naming rules for auto archived logs here.
Auto Archive Rules: Here you can define the criteria (log size, log count, log time) for the system to archive logs automatically.

3.4 Notification

Here you can define rules to get e-mail notifications when specific logs are received or when specific events occur.



Note: Before enabling this function, please go to [Settings][Notification] in ADM, and complete e-mail sender configurations on the [Send] tab first.

Was this article helpful? Yes / No