How to Configure Remote Syslog Logging
General Information
sysklogd is the Linux system logging utility that take manages files in the /var/log directory.
On a typical desktop system, logging produced by local application and is saved to files on the local drive. But syslog can also be configured to receive logging from a remote client, or to send logging information to a remote syslog server.
This How to gives the basic procedure for configuring a remote syslog server (e.g. your Ubuntu desktop PC) and a client (e.g. your target hardware running a RidgeRun SDK produced file system).
Commands to be run on the Ubuntu host have a yellow background. Commands to be run on the Ubuntu target have an aqua background.
References
Configuring host PC
If you are using an older version of Ubuntu, you are likely running syslogd. Newer versions use rsyslog.
sudo apt-get install rsyslog
syslogd server
The changes on this side are minimal. Basically you have to tell syslogd to listen for remote messages. To enable your host computer's syslogd server to accept log data from a remote client, you need to edit the file /etc/default/syslogd and set
SYSLOGD="-r"
Save the file and restart syslogd by doing:
sudo service sysklogd restart
You host syslogd server will now accept remove log messages.
rsyslog server
in the /etc/rsyslog.conf file, enable the following:
# provides UDP syslog reception $ModLoad imudp $UDPServerRun 514
Then start or restart the server as needed
sudo service rsyslog start
or
sudo service rsyslog restart
Configuring Busybox syslogd to send messages to remote logging service
Busybox supports several useful system logging utilities.
| syslogd | Utility used to record logs of all the significant events that occur on a system. Every message that is logged records the date and time of the event, and will generally also record the name of the application that generated the message. When used in conjunction with klogd, messages from the Linux kernel can also be recorded. |
| logger | Utility allowing you to send arbitrary text messages to the system log (i.e. the syslogd utility) so the messages can be logged. This is generally used to help locate problems that occur within programs and scripts. |
| klogd | Utility which intercepts and logs all messages from the Linux kernel and sends the messages out to the syslogd utility so they can be logged. |
Enable Busybox logging utilities
Use the SDK configuration tool to enable Busybox logging utilities syslogd, logger, and klogd.
make -C $DEVDIR config
-> File System Configuration
-> Select target's file system software
-> busybox-1.14.2
-> Busybox configuration
-> System Logging Utilities
You can verify these have been enabled by checking the contents of the bspconfig file:
grep -E '(CONFIG_SYSLOGD|CONFIG_KLOGD|CONFIG_LOGGER)' $DEVDIR/bsp/mach/bspconfig
Expected output
CONFIG_SYSLOGD=y CONFIG_KLOGD=y CONFIG_LOGGER=y
Then rebuild Busybox.
make -C $DEVDIR fs
Manual steps to verify local logging
On your target hardware verify syslogd and klogd are not running:
killall -9 syslogd killall -9 klogd
Manually start syslogd and klogd to enable logging:
syslogd -O /var/log/messages klogd
Check /var/log/messages for the bootup Linux console messages:
cat/var/log/messages
Manual steps to verify remote logging
On your target hardware verify syslogd and klogd are not running:
killall -9 syslogd
Manually start syslogd and klogd to enable logging:
REMOTE_LOGGING_SERIVCE=10.111.0.3 PORT=514 syslogd -R $REMOTE_LOGGING_SERIVCE:$PORT -L -O /var/log/messages klogd
Automatically starting remote logging
You can configure your system to automatically start the remote logging service be editing the file $DEVDIR/fs/overlay/etc/init.d/syslogd:
#!/bin/sh REMOTE_LOGGING_SERIVCE=10.111.0.3 PORT=514 mkdir -p /var/log syslogd -R $REMOTE_LOGGING_SERIVCE:$PORT -L -O /var/log/messages klogd
Create a symbolic link so the init daemon runs the script.
cd $DEVDIR/fs/overlay/etc/rc.d ln -s ../init.d/syslogd S10syslogd
Verifying proper operation
A simple way to add a log message every few seconds is using the Busybox logger utility. You man need to reconfigure your SDK to enable the building of the Busybox logger utility.
On the target, start a simple script that add a message to the log every two seconds.
( while sleep 2 ; do date ; done | logger -t "DATE:" ) &
Logging on target hardware
If you used the -L option with syslogd on the target hardware, then you can verify local logging is occurring as expected.
tail -f /var/log/messages
Logging on host PC
To check the messages are been sent to the server:
tail -f /var/log/messages
Debugging
If remote logging is not working, use wireshark on your Ubuntu host computer to watch the network traffic to verify that the target hardware is sending the messages to the host computer.