RuggedRouter User Guide
Left unrestricted the logging system would consume all available “disk” space,
causing the router to fail. The router limits the memory used by the logging system
by storing logs in a volatile (i.e. lost after a reboot) file system which is limited in
size. Such a system will lose logging information when a power failure occurs, too
much logging is generated or as the result of a user commanded reboot.
The router deals with this problem by storing compressed versions of three key files
(messages, auth.log, and critical) to the permanent disk. The log files are saved every
180 seconds and upon an orderly reboot. The log files are restored during the next
boot. All other files but these are cleared.
Remote Logging
Remote logging (often referred to as remote syslogging) is the process of forwarding
log entries to a remote host computer. Remote logging enables central collation of
logs and preserves logs in the events of security incidents. Remote logging does not
require any file storage on the router and as such does not suffer from loss of
information around unplanned power failures. On the other hand, remote logging
cannot record events that occur before network connectivity to the logging host is
established.
Remote logging can replace disk logging or can augment it.
If you wish to replace disk logging for some information type, select the appropriate
link under the System Logs sub-menu Log Destination column. Enter the URL of
the logging host under the Syslog server on.
Figure 231: Cha nging a Syslog entry to remo te log
If you wish to remote log in addition to disk log some log type, you must duplicate
the log entry and the configure the logging host. Duplicate the entry by using the
“Add a new system log” link on the System Logs sub-menu.
Finally, you may forward all information to the remote logger by creating a new
system log entry and specifying “All” Facilities and all priorities, and checking the
Syslog server on field with an appropriate address.
258 RuggedCom