How to Configure Remote Syslog Logging

From RidgeRun Developer Connection

Jump to:navigation, search

Contents

General Information

sysklogd is the Linux system logging utility that take manages files in the /var/log directory.

On a typical desktop system, logging produced by local application and is saved to files on the local drive. But syslog can also be configured to receive logging from a remote client, or to send logging information to a remote syslog server.

This How to gives the basic procedure for configuring a remote syslog server (e.g. your Ubuntu desktop PC) and a client (e.g. your target hardware running a RidgeRun SDK produced file system).

Commands to be run on the Ubuntu host have a yellow background. Commands to be run on the Ubuntu target have an aqua background.

References

Configuring host PC

If you are using an older version of Ubuntu, you are likely running syslogd. Newer versions use rsyslog.

sudo apt-get install rsyslog

syslogd server

The changes on this side are minimal. Basically you have to tell syslogd to listen for remote messages. To enable your host computer's syslogd server to accept log data from a remote client, you need to edit the file /etc/default/syslogd and set

SYSLOGD="-r" 

Save the file and restart syslogd by doing:

sudo service sysklogd restart 

You host syslogd server will now accept remove log messages.

rsyslog server

in the /etc/rsyslog.conf file, enable the following:

# provides UDP syslog reception
$ModLoad imudp
$UDPServerRun 514

Then start or restart the server as needed

sudo service rsyslog start

or

sudo service rsyslog restart

Configuring Busybox syslogd to send messages to remote logging service

Busybox supports several useful system logging utilities.

syslogd Utility used to record logs of all the significant events that occur on a system. Every message that is logged records the date and time of the event, and will generally also record the name of the application that generated the message. When used in conjunction with klogd, messages from the Linux kernel can also be recorded.
logger Utility allowing you to send arbitrary text messages to the system log (i.e. the syslogd utility) so the messages can be logged. This is generally used to help locate problems that occur within programs and scripts.
klogd Utility which intercepts and logs all messages from the Linux kernel and sends the messages out to the syslogd utility so they can be logged.

Enable Busybox logging utilities

Use the SDK configuration tool to enable Busybox logging utilities syslogd, logger, and klogd.

make -C $DEVDIR config
  -> File System Configuration
     -> Select target's file system software      
        -> busybox-1.14.2
           -> Busybox configuration 
              -> System Logging Utilities

You can verify these have been enabled by checking the contents of the bspconfig file:

grep -E '(CONFIG_SYSLOGD|CONFIG_KLOGD|CONFIG_LOGGER)' $DEVDIR/bsp/mach/bspconfig 

Expected output

CONFIG_SYSLOGD=y
CONFIG_KLOGD=y
CONFIG_LOGGER=y

Then rebuild Busybox.

make -C $DEVDIR fs


Manual steps to verify local logging

On your target hardware verify syslogd and klogd are not running:

killall -9 syslogd
killall -9 klogd

Manually start syslogd and klogd to enable logging:

syslogd -O /var/log/messages
klogd

Check /var/log/messages for the bootup Linux console messages:

cat/var/log/messages

Manual steps to verify remote logging

On your target hardware verify syslogd and klogd are not running:

killall -9 syslogd

Manually start syslogd and klogd to enable logging:

REMOTE_LOGGING_SERIVCE=10.111.0.3
PORT=514

syslogd -R $REMOTE_LOGGING_SERIVCE:$PORT -L -O /var/log/messages
klogd      


Automatically starting remote logging

You can configure your system to automatically start the remote logging service be editing the file $DEVDIR/fs/overlay/etc/init.d/syslogd:

#!/bin/sh

REMOTE_LOGGING_SERIVCE=10.111.0.3
PORT=514

mkdir -p /var/log
syslogd -R $REMOTE_LOGGING_SERIVCE:$PORT -L -O /var/log/messages           
klogd

Create a symbolic link so the init daemon runs the script.

cd $DEVDIR/fs/overlay/etc/rc.d
ln -s ../init.d/syslogd S10syslogd

Verifying proper operation

A simple way to add a log message every few seconds is using the Busybox logger utility. You man need to reconfigure your SDK to enable the building of the Busybox logger utility.


On the target, start a simple script that add a message to the log every two seconds.

( while sleep 2 ; do date ; done | logger -t "DATE:" ) &

Logging on target hardware

If you used the -L option with syslogd on the target hardware, then you can verify local logging is occurring as expected.

tail -f /var/log/messages

Logging on host PC

To check the messages are been sent to the server:

tail -f /var/log/messages

Debugging

If remote logging is not working, use wireshark on your Ubuntu host computer to watch the network traffic to verify that the target hardware is sending the messages to the host computer.

Navigation
Toolbox