Remote Logging | RuggedCom RX1000, RX1100 manual

RuggedRouter™ User Guide

Left unrestricted the logging system would consume all available “disk” space, causing the router to fail. The router limits the memory used by the logging system by storing logs in a volatile (i.e. lost after a reboot) file system which is limited in size. Such a system will lose logging information when a power failure occurs, too much logging is generated or as the result of a user commanded reboot.

The router deals with this problem by storing compressed versions of three key files (messages, auth.log, and critical) to the permanent disk. The log files are saved every 180 seconds and upon an orderly reboot. The log files are restored during the next boot. All other files but these are cleared.

Remote Logging

Remote logging (often referred to as remote syslogging) is the process of forwarding log entries to a remote host computer. Remote logging enables central collation of logs and preserves logs in the events of security incidents. Remote logging does not require any file storage on the router and as such does not suffer from loss of information around unplanned power failures. On the other hand, remote logging cannot record events that occur before network connectivity to the logging host is established.

Remote logging can replace disk logging or can augment it.

If you wish to replace disk logging for some information type, select the appropriate link under the System Logs sub-menu Log Destination column. Enter the URL of the logging host under the Syslog server on.

Figure 231: Changing a Syslog entry to remote log

If you wish to remote log in addition to disk log some log type, you must duplicate the log entry and the configure the logging host. Duplicate the entry by using the “Add a new system log” link on the System Logs sub-menu.

Finally, you may forward all information to the remote logger by creating a new system log entry and specifying “All” Facilities and all priorities, and checking the Syslog server on field with an appropriate address.

258

RuggedCom

Image 260

RuggedCom RX1000, RX1100 manual Remote Logging, Changing a Syslog entry to remote log

Contents

RuggedRouter Ruggedrouter User Guide How To Use This User Guide About this User GuideApplicable Firmware Revision Who Should Use This User Guide Document Conventions Quick Start Recommendations Basic Web Based Configuration Additional Configuration About this User Guide Table Of Contents Table Of Contents RuggedRouter User Guide 100 114 144 Page Table Of Contents Page 241 Page RuggedRouter Setup Main Menu Table Of Figures Scheduled Commands Displaying a Command T1/E1 Network Interfaces After Interface Creation Adsl Link Statistics Show Public Key Link Backup Status 162 Raw Socket Menu IRIGB/IEEE1588 General Configuration menu 230 255 IAS Window Edit Profile 282 Setting Up And Administering The Router Access MethodsAccounts And Password Management Default Configuration Accessing The RuggedRouter Command Prompt RuggedRouter Setup ShellConfiguring Passwords From the Console Port Configuring Radius Authentication Configuring IP Address InformationSetting The Hostname Radius Server Configuration menu Enabling And Disabling The SSH and Web Server Configuring The Date, Time And Timezone Enabling And Disabling The Gauntlet Security Appliance Displaying Hardware Information RuggedRouter Hardware Information Menu Restoring a Configuration Selecting a configuration to reload Using a Web Browser to Access the Web Interface RuggedRouter Web InterfaceSSL Certificate Warnings Structure of the Web Interface RuggedRouter Web Interface Main Menu Window Using The LED Status Panel LED Status Panel Obtaining Chassis Information LED Name Description IP Access Control Webmin ConfigurationWebmin Configuration Menu Ports And Addresses Change Help Server Webmin Configuration Menu, Logging Logging Authentication Webmin Configuration Menu, Authentication Webmin Events Log Webmin Events Log This page intentionally blank Configuring The System Bootup And Shutdown Change Password Command Scheduled Commands Scheduled Commands Displaying a Command Scheduled Cron Jobs Webmin Scheduled Cron Jobs System Hostname System Time Configuring Networking Network Configuration Core Settings Dummy Interface Routing And Gateways Default Route TableConfigured Static Routes Manually Entered Static Routes Static Multicast Routing Static Multicast Routing Host Addresses End To End BackupDNS Client Page Configuring End To End Backup Current Routing & Interface Table Configuring Ethernet Interfaces Ethernet Interface FundamentalsVlan Interface Fundamentals LED Designations PPPoE On Native Ethernet Interfaces Fundamentals RuggedRouter Functions Supporting VLANs Ethernet Ethernet Interfaces Editing Currently Active Interfaces Editing a Network Interface Virtual Lan Interfaces Edit Boot Time InterfacesVirtual Interfaces PPPoE On Native Ethernet Interfaces List PPPoE Interfaces Edit PPPoE Interface Editing a PPPoE Interface PPP Logs Current Routes & Interface Table Frame Relay Configuring Frame Relay/PPP And T1/E1T1/E1 Fundamentals Included With T1E1 T1/E1Location Of Interfaces And Labeling T1/E1 Network Interfaces Strategy For Creating Interfaces Editing a T1/E1 Interface Naming Of Logical Interfaces T1 Settings E1 Settings Editing a Logical Interface Frame Relay Frame Relay Link Parameters Editing a Logical Interface PPP Frame Relay DLCIs T1/E1 Statistics Link Statistics Frame Relay Interface Statistics Frame Relay Statistics PPP Interface Statistics PPP Link Statistics T1/E1 Loopback T1/E1 Loopback Menu Upgrading Software Upgrading Firmware Configuring Frame Relay/PPP And T3 T3 Fundamentals T3 Configuration T3 Network Interfaces Editing a T3 Interface Edit T3 Interface T3 Statistics Upgrading Software Page Configuring Frame Relay/PPP DDS Fundamentals DDS Configuration DDS Network Interfaces Edit Logical Interface Frame Relay, single Dlci DDS Statistics DDS Link Statistics DDS Loopback Frame Relay And PPP Interface StatisticsPage Adsl Fundamentals Configuring PPPoE/Bridged Mode OnPPPoE/Bridged Mode Fundamentals Bridged Mode Authentication, Addresses and DNS ServersPPPoE MTU Issues Editing a Logical Interface PPPoE Adsl ConfigurationAdsl Network Interfaces Editing a Logical Interface Bridged Edit Logical Interface Bridged Adsl Statistics Adsl Link Statistics Current Routes & Interface Table Configuring PPP and Modem PPP Mode FundamentalsWhen the Modem Connects Modem Fundamentals Modem Configuration Modem Main Menu Blind dial Modem PPP Client Connections Modem PPP Client Modem PPP Server Modem Incoming Call Logs Modem PPP Logs PPP Logs Modem PPP Connection Logs PPP Connection LogsPage Configuring The Firewall Firewall FundamentalsStateless vs Stateful Firewalls Linux netfilter, iptables And The Shoreline Firewall Network Address Translation Shorewall Quick Setup Port Forwarding Interfaces ShoreWall Terminology And ConceptsZones Hosts Policy Masquerading And Snat Interface Subnet Address Protocol Ports Rules Reject Configuring The Firewall And VPN Route Based Virtual Private Networking Policy Based Virtual Private Networking Virtual Private Networking To a DMZ Firewall Main Menu Starting Shorewall Firewall Menu Shorewall Firewall Menu Network Zones Network Interfaces Editing a Firewall Network Interfaces Network Zone Hosts Firewall Zone Hosts Default Policies Masquerading Firewall Rules Editing a Masquerading Rule Static NAT Static NAT Actions When Stopped Creating a Static NAT EntryPage Page Configuring An IPsec VPN VPN FundamentalsIPsec Modes Policy Vs Route Based VPNs Supported Encryption Protocols Public Key And Pre-shared Keys NAT Traversal Other Configuration Supporting IPSecX509 Certificates Openswan Configuration Process VPN Main Menu Before Key GenerationVPN Main Menu IPsec and Router InterfacesPage Server Configuration IPsec VPN Configuration After Connections Have Been Created Public Key Preshared Keys IPsec VPN Connection Details List CertificatesVPN Connections Page Left/Right Systems Settings Export Configuration Showing IPsec Status IPsec Status IPSec X.509 Roaming Client Example Select a Certificate Authority Generate X.509 Certificates VPN Networking Parameters Client ConfigurationRouter IPSec Configuration Firewall IPSec Configuration Ethernet Port ConfigurationPage RIP Fundamentals Configuring Dynamic RoutingQuagga, RIP and Ospf Ospf Fundamentals Key Ospf And RIP ParametersLink State Advertisements Network Areas Active/Passive Interface Default Router-IDHello Interval and Dead Interval Redistributing Routes Configuring Ospf Link Costs Ospf AuthenticationRIP Authentication Link Detect Administrative Distances Vrrp Operation Ospf And Vrrp Example NetworkArea And Subnets Enable Protocols Dynamic Routing Core Interface Parameters CoreCore Global Parameters View Core Configuration Ospf Ospf Global ParametersPage Ospf Interfaces Ospf Interfaces Ospf Status View Ospf ConfigurationOspf Network Areas RIP Global Parameters RIP Global Parameters RIP Interfaces RIP Key Chains RIP Networks RIP Networks View RIP Configuration RIP StatusPage Path Failure Discovery Configuring Link BackupLink Backup Fundamentals Use Of Routing Protocols And The Default Route Link Backup Main MenuLink Backup Configuration Edit Link Backup Configuration Test Link Backup Link Backup LogsLink Backup Status Page Page Configuring Vrrp Problem With Static RoutingVrrp Solution Vrrp Fundamentals Vrrp Example Page Vrrp Configuration Vrrp Main Menu Editing a Vrrp Instance Vrrp Instance Viewing Vrrp Instances Status Vrrp Instances Status Configuring Traffic Prioritization Traffic Prioritization FundamentalsPriority Queues Filters TOS Prioritization Included With Traffic Prioritization Prioritization Example Traffic Prioritization Main Menu Interface Prioritization Menu Prioritization Transmit Queue Length Prioritization QueuesPrioritization Filters Prioritization Statistics Prioritization Statistics Configuring Generic Routing Encapsulation GRE Fundamentals GRE Configuration Menu GRE Main MenuPage Network Utilities Network Utilities Main Menu Ping Menu Traceroute Menu Tcpdump a Network Interface Host MenuTrace Menu Frame Relay Link Layer Trace a WAN Interface Serial Trace a Serial Server Port Interface Statistics Menu Interface Statistics Menu Current Routing & Interface Table Current Routing & Interface Table Interface Status Page Configuring Serial Protocols Serial IP Port Features Serial Protocols Applications Character EncapsulationRTU Polling Broadcast RTU Polling Serial Protocols Concepts And Issues Host And Remote RolesUse Of Port Redirectors Message Packetization Use of Turnaround Delays Serial Protocols Main Menu RawSocket Menu Port Settings MenuAssign Protocols Menu Page Protocol Specific Packet Error Statistics Serial Protocols Statistics Menu Serial Protocols Trace Menu Serial Protocols Trace Menu Serial Protocols Sertrace Utility Is providedPage Layer 2 Tunnel Daemon Details Configuring Goose TunnelsIEC61850 Goose Fundamentals Layer 2 Tunnels Main Menu Layer 2 Tunnels Main Menu General Configuration Menu Goose Tunnels Menu Goose Statistics Menu Activity Trace MenuPage Page Configuring The Dhcp server Dhcp FundamentalsDhcp Network Organizations Dhcp Client OptionsPage Option 82 Support with Disable NAK Example Dhcp Scenarios And Configurations Single Network With Option82 Clients On One SwitchSingle Network With Dynamic IP Assignment Single Network With Static IP AssignmentPage Page Dhcp Server Main Menu Dhcp Server Menu Dhcp Shared Network Configuration Dhcp Shared Network Configuration Dhcp Subnet Configuration Dhcp Subnet Configuration Dhcp Group Configuration Dhcp Host Configuration Dhcp Pool Configuration Dhcp Pool Configuration Configuring NTP NTP Fundamentals Included With NTP NTP Sanity LimitNTP And The Precision Time Protocol Card NTP Server Main Menu Generic Options Servers Configuration Peers Configuration Viewing The NTP Status Viewing The NTP Log Viewing The GPS Status Viewing The GPS Log Included With SSH Configuring SSHSSH Fundamentals SSH Main Menu SSH Server Access Control NetworkingPage Configuring Irigb And IEEE1588 IEEE1588 FundamentalsPTP Network Roles PTP Master Election Irigb Output Formats Irigb FundamentalsSynchronizing NTP from IEEE1588 How The Router Selects a Reference Clock GPS Cable compensationReference Clocks General Configuration IRIGB/IEEE1588 Main Menu Irigb Configuration IEEE1588 Configuration Irigb Status IEEE1588 Status Irigb Log Page Configuring The Snort IDS Snort FundamentalsWhich Interfaces To Monitor Snort Rules Performance And Resources Global ConfigurationSnort IDS Main Menu Rule Lookup by SID Network SettingsRulesets PreProcessors Alerts & Logging Edit Config File Alert Menu Maintaining The RouterAlert System Alert Configuration Alert Configuration Menu Alert Filter Configuration Alert Definition Configuration Change Alert Definition Page Gauntlet And The Firewall Gauntlet SecurityWhat And How Gauntlet Protects Gauntlet Status Menu Upgrading Gauntlet Backup And Restore System Backup And Restore General Configuration Setup Archive Backup Archive History Archive Restore Archive Difference Tool Archive Differences List Snmp Configuration Show Difference for selected file between two targets Network Addressing Configuration Snmp Configuration Main MenuSystem Configuration Access Control page, Snmp V1 and V2c 250 RuggedCom Trap Configuration Trap Configuration page, Trap Options MIB Support RuggedRouter supports the following MIBs Radius Authentication Radius Authentication Configuration Edit Radius Server Parameters Outgoing Mail Chassis Parameters Parameter Description Syslog Factory Defaults System Logs Remote Logging Changing a Syslog entry to remote log Upgrade System RuggedRouter Software Fundamentals When a Software Upgrade Requires a Reboot Automatic Upgrade Upgrade to RX1100 Change Repository Server Automatic Upgrading Upgrading All Packages Installing a New Package Pre-upgrade/Post-upgrade scripts Uploading And Downloading Files Upload/Download menu Security Considerations Security ActionsPage Repository Server Requirements Appendix a Setting Up a RepositoryInitial Repository Setup An Alternate Approach Setting Up The RoutersUpgrading The Repository Upgrading Considerations Appendix B Downgrading Router Software Appendix C Installing Apache Web Server On Windows Apache Default WebPage Appendix D Installing IIS Web Server On Windows Installing IIS FreeRadius Appendix E Radius Server ConfigurationWindows Internet Authentication Service Edit Profile window, Click Add... button 276 RuggedCom RuggedCom 277 Index Dhcp Goose NTP SSH Vrrp