Syslog is a standard for message logging. It allows for messages from different devices to be collected in one place automatically once it is configured. This can be extremely powerful to monitor equipment as well as keep an eye on potential problems. There are a ton of different options out there for Syslog servers; some free, some paid. A good server to start with is Solarwinds Kiwi Syslog server, which allows for monitoring up to 5 devices with their free version. It can be expanded to many more devices and additional features after purchasing a full license. For the purpose of this entry the free version will be used and is available for download (see attachment).
Setting up the Syslog Server
- Download Syslog Server.
- Unzip and Install Syslog Server.
- Installing as a Service allows the syslog server to run when a user is NOT logged into the PC but it is running.
- Installing as an application requires a user to be logged in and the program to be run to be active. For the purposes of this article we will use this process.
- Once installed run Kiwi Syslog Server.
- Go to File --> Setup to setup the server. This can also be done by clicking the paper icon with a check mark.
- In Setup click on Inputs in the left hand column.
- Add the IP Address of the device to monitor. This would be the IP Address of the CyberData Device.
- Press the Add button to confirm the IP Address.
- Then click on UDP, a sub group of Inputs.
- Change the UDP port if necessary based on the network. For the purposes of this guide it will be left at 514.
- Set the Bind to Address to the IP Address of the PC where the Syslog Server is running. Keep in mind that this must be in the same subnet of the devices being monitored.
- Click on Rules in the left hand column and select the subgroup "Log to File". Set the desired logging location for the server to keep track of messages received over a long period of time.
- Press Apply.
- Press OK.
- At this point the server is prepared to receive syslog messages.
Setting up the CyberData Device to send Syslog messages.
- Log into the CyberData Device.
- Point the browser to the debug page.
- The debug page is at different locations depending on the hardware version of the device.
- If the address of the home tab is "https://IP-ADDRESS/cgi-bin/home.cgi"
- The debug page is at "https://IP-ADDRESS/cgi-bin/debug.cgi"
- If the address of the home tab is "https://IP-ADDRESS/home/"
- The debug page is at "https://IP-ADDRESS/debug/"
- Once on the debug page, check the box for "Enable Syslog".
- Set the Syslog server address to the IP Address of the PC running the Syslog server. The IP Address was set in step 10 in setting up the syslog server.
- Confirm the port is set to what the server expects; this was set on step 9 of setting up the syslog server.
- Save and Reboot the device.
Once the device boots back up it will begin sending syslog messages to the configured server and these messages should be displayed in the syslog server. It is possible that the messages are not displayed in the log, this may mean there is a problem with the local firewall (on the PC) and the port is closed. Please consult the network administrator for assistance in opening the correct port; this process can vary depending on the PC's firewall.