Upload File

log management manual

prev
next
out of 4
Download Log Management Manual

Upload: imi-michal-smulski

Post on 04-Apr-2018

219 views

Category:

Documents


0 download

Report

TRANSCRIPT

  • 7/31/2019 Log Management Manual

    1/4

    Log ManagementDocument revision 2.3 (Mon Jul 19 07:23:35 GMT 2004)

    This document applies to MikroTik RouterOS V2.8

    Table of Contents

    Table of ContentsSummarySpecificationsRelated DocumentsDescription

    General SettingsProperty DescriptionExample

    Log ClassificationProperty DescriptionNotesExample

    Log MessagesDescriptionProperty DescriptionNotesExample

    General Information

    Summary

    Various system events and status information can be logged. Logs can be saved in a file on therouter, or sent to a remote server running a syslog daemon. MikroTik provides a sharewareWindows Syslog daemon, which can be downloaded from www.mikrotik.com

    Specifications

    Packages required: systemLicense required: level1

    Home menu level: /system logging, /logStandards and Technologies: SyslogHardware usage: Not significant

    Related Documents

    Package Management

    Description

    The logging feature sends all of your actions on the router to a log file or to a logging daemon.

    Page 1 of 4

  • 7/31/2019 Log Management Manual

    2/4

    Router has several global configuration settings that are applied to logging. Logs have differentfacilities. Logs from each facility can be configured to be discarded, logged locally or remotely.Log files can be stored in memory (default; logs are lost on reboot) or on hard drive (not enabled bydefault as is harmful for flash disks).

    General SettingsHome menu level: /system logging

    Property Description

    default-remote-address (IP address; default: 0.0.0.0) - remote log server IP address. Used whenremote logging is enabled but no IP address of the remote server is specified

    default-remote-port (integer; default: 0) - remote log server UDP port. Used when remote loggingis enabled but no UDP port of the remote server is specified

    disk-buffer-lines (integer; default: 100) - number of lines kept on hard drive

    memory-buffer-lines (integer; default: 100) - number of lines kept in memory

    Example

    To use the 10.5.13.11 host, listening on 514 port, as the default remote system-log server:

    [admin@MikroTik] system logging> set default-remote-address=10.5.13.11default-remote-port=514[admin@MikroTik] system logging> print

    default-remote-address: 10.5.13.11default-remote-port: 514

    disk-buffer-lines: 100memory-buffer-lines: 100

    [admin@MikroTik] system logging>

    Log Classification

    Home menu level: /system logging facility

    Property Description

    echo (yes | no; default: no) - whether to echo the message of this type to the active (logged-in)consoles

    facility (name) - name of the log group, message type

    local (disk | memory | none; default: memory) - how to treat local logs

    disk - logs are saved to hard drive

    memory - logs are saved to local buffer. They can be viewed using the '/log print' command

    none - logs from this source are discarded

    prefix (text; default: "") - local log prefix

    remote (none | syslog; default: none) - how to treat logs that are sent to remote host

    none - do not send logs to a remote host

    syslog - send logs to remote syslog daemon

    Page 2 of 4

  • 7/31/2019 Log Management Manual

    3/4

    remote-address (IP address; default: "") - remote log server's IP address. Used when logging typeis remote. If not set, default log server's IP address is used

    remote-port (integer; default: 0) - remote log server UDP port. Used when logging type is remote.If not set, default log server UDP port is used

    Notes

    You cannot add, delete or rename the facilities: they are added and removed with the packages theyare associated with.

    System-Echo facility has its default echo property set to yes.

    Example

    To force the router to send Firewall-Log to the 10.5.13.11 server:

    [admin@MikroTik] system logging facility> set Firewall-Log remote=syslog \\... remote-address=10.5.13.11 remote-port=514[admin@MikroTik] system logging facility> print

    # FACILITY LOCAL REMOTE PREFIX REMOTE-ADDRESS REMOTE-PORT ECHO0 Firewall-Log memory syslog 10.5.13.11 514 no1 PPP-Account memory none 0.0.0.0 0 no2 PPP-Info memory none 0.0.0.0 0 no3 PPP-Error memory none 0.0.0.0 0 no4 System-Info memory none 0.0.0.0 0 no5 System-Error memory none 0.0.0.0 0 no6 System-Warning memory none 0.0.0.0 0 no7 Telephony-Info memory none 0.0.0.0 0 no8 Telephony-E... memory none 0.0.0.0 0 no9 Prism-Info memory none 0.0.0.0 0 no

    10 Web-Proxy-A... memory none 0.0.0.0 0 no11 ISDN-Info memory none 0.0.0.0 0 no

    12 Hotspot-Acc... memory none 0.0.0.0 0 no13 Hotspot-Info memory none 0.0.0.0 0 no14 Hotspot-Error memory none 0.0.0.0 0 no15 IPsec-Event memory none 0.0.0.0 0 no16 IKE-Event memory none 0.0.0.0 0 no17 IPsec-Warning memory none 0.0.0.0 0 no18 System-Echo memory none 0.0.0.0 0 yes[admin@MikroTik] system logging facility>

    Log Messages

    Home menu level: /log

    Description

    Some log entries, like those containing information about user logout event, contain additionalinformation about connection. These entries have the following format: logged out,

    Property Description

    message (text) - message text

    time (text) - date and time of the event

    Page 3 of 4

  • 7/31/2019 Log Management Manual

    4/4

    Notes

    print command has the following arguments:

    follow - monitor system logs

    without-paging - print the log without paging

    file - saves the log information to ftp with a specified file name

    Example

    To view the local logs:

    [admin@MikroTik] > log printTIME MESSAGEdec/24/2003 08:20:36 log configuration changed by admindec/24/2003 08:20:36 log configuration changed by admindec/24/2003 08:20:36 log configuration changed by admindec/24/2003 08:20:36 log configuration changed by admindec/24/2003 08:20:36 log configuration changed by admindec/24/2003 08:20:36 log configuration changed by admin

    -- [Q quit|D dump]

    To monitor the system log:

    [admin@MikroTik] > log print followTIME MESSAGEdec/24/2003 08:20:36 log configuration changed by admindec/24/2003 08:24:34 log configuration changed by admindec/24/2003 08:24:51 log configuration changed by admindec/24/2003 08:25:59 log configuration changed by admindec/24/2003 08:25:59 log configuration changed by admindec/24/2003 08:30:05 log configuration changed by admindec/24/2003 08:30:05 log configuration changed by admindec/24/2003 08:35:56 system starteddec/24/2003 08:35:57 isdn-out1: initializing...dec/24/2003 08:35:57 isdn-out1: dialing...dec/24/2003 08:35:58 Prism firmware loading: OKdec/24/2003 08:37:48 user admin logged in from 10.1.0.60 via telnet

    -- Ctrl-C to quit. New entries will appear at bottom.

    Page 4 of 4


Log Management: AtlSecCon2015

A universal log management solution - Tahawul Tech€¦ · HPE Arcsight Logger The first universal log management solution HPE ArcSight Logger is the universal log management solution

DualEM LOG software manual

monitoring log management alerting - depot.ubiqube.comdepot.ubiqube.com/.../Service_Monitoring_log_management_alerting.… · Monitoring Log Management and Alerting 3 / 24 1. Centralized

Log Management - isaca

Log Management

Model Enterprise Log Management System™ Log Management System ' ˇc˙ ( ˇ ˚ ˇ˛ ˘ ˇ * ˘ˇˆ˙ Log , - 9˜ ... ESLog Management v1.0 Rev 1.15 Author Enterprise System Co.,Ltd

Log Management - wiki.apnictraining.net

SANS Log Management 1

Log management with_logstash_and_elastic_search

Manual Log Email

Log management principle and usage

Powerhouse Log Spliiter Manual

South Dakota Facilities Management User’s Manual · PDF fileSouth Dakota Facilities Management User’s Manual Creation Date: April 28, ... Log into the CORE module where ... you

Manual Data Log - Rutab

Server Access log Management Database Access log Management · Database Access log Management ver. 7.5.3_En ... • Acquires server access from layers of Operation System (OS)

Log and Geo Manual

Part 7a - Manual Log-Log Analysis WBS IARF Model

OSSEC Log Management with Elasticsearch

LS7T-52 LOG SPLITTER Operation Manual - powerhouse log

Business Centric Log Management (BCLM)™: Understanding what to Log

Management System | Log in

Re Log Analysis Manual

FINANCIAL MANAGEMENT POLICY MANUAL  · Web viewFINANCIAL MANAGEMENT POLICY MANUAL CHANGE LOG. This record shall be maintained throughout the life of the document. Each published

Monitoring and Log Management for

eBook Log Management

Manual Log Book-student

SLB Log Principles Manual

FINANCIAL MANAGEMENT POLICY MANUAL€¦ · Web viewFINANCIAL MANAGEMENT POLICY MANUAL CHANGE LOG This record shall be maintained throughout the life of the document. Each published

Manual Log-G Man

ELK: a log management framework

Manual pi cs log

SANS Log Management 2

Southeastern Aviation Safety Management · PDF fileSafety Management System Southeastern Aviation Safety Management System Manual Revision Log Southeastern Aviation Sciences Institute

Manual Log Registros