Skip to main content

Tutorial: How To Log To Syslog

Abstract

You can log to the local syslog daemon by changing a configuration setting, as shown in this tutorial.

Overview

By changing a configuration setting, as shown in this tutorial, Access Server can write to and store its logs to the local syslog daemon or an external syslog server.

Prerequisites

  • An installed Access Server.

  • Root access on the console.

Option 1: Configure Access Server to log to the syslog

  1. Connect to the Access Server console with root privileges.

  2. Open the as.conf file for editing:

    nano /usr/local/openvpn_as/etc/as.conf

  3. At the bottom, add this line:

    SYSLOG=1

    Important

    Ensure it's CAPITALIZED.

  4. Save and exit by pressing Ctrol+x, then y.

  5. Restart the Access Server service:

    service openvpnas restart

    • Access Server now logs to the syslog daemon, /var/log/syslog, by default.

Option 2: Redirect Access Server logs to an external syslog server

Suppose you want to redirect to another syslog server on the network. In that case, you can configure the operating system's syslog daemon to redirect any Access Server service syslog line to an external network syslog server. All syslog lines regarding Access Server contain the keyword openvpnas, so it’s possible to filter for this with a rule in the syslog daemon and forward only that information.

Note

The following instructions assume you’re using the Ubuntu operating system. You may need to look up documentation and make adjustments as needed if you’re using another OS.

  1. Connect to the Access Server console with root privileges.

  2. Open the as.conf file for editing:

    nano /usr/local/openvpn_as/etc/as.conf

  3. At the bottom, add this line:

    SYSLOG=1

    Important

    Ensure it's CAPITALIZED.

  4. Save and exit by pressing Ctrl+x, then y.

  5. Restart the Access Server service:

    service openvpnas restart

  6. Create a file for the rsyslog daemon rule:

    nano /etc/rsyslog.d/openvpnas.conf

    • This creates a new, empty file.

  7. Add this line to log to an external UDP syslog system:

    if $programname == 'openvpnas' then @remote.syslog.server

    Or add this line if it's an external TCP syslog system:

    if $programname == 'openvpnas' then @@remote.syslog.server

  8. Save and exit by pressing Ctrl+x, then y.

  9. Restart the syslog daemon:

    service rsyslog restart

Tip

(Optional) You can specify another file, like /var/log/myownfilename.log, instead of supplying a remote server address, like @remote.syslog.server.

In this section: