[syslog-ng] capture messages from linksys router
Alexander Clouter
ac56 at soas.ac.uk
Sun Apr 8 01:54:32 CEST 2007
Hi,
Robert Buecheler <rf.buecheler at gmail.com> [20070407 14:30:45 -0500]:
>
> please forgive me, I'm fairly new in this and don't understand much of
> syslog-ng.
> I am trying to log messages from my linksys router (192.168.1.1)
> The port that linksys mentions is (514), but when I run ethereal, the
> destination port seems to be [snmptrap (162)] (the origin port on the
> router varies)
>
> [snipped]
>
> can somebody help?
>
SNMP TRAP messages are not syslog messages. SNMP is a 'simple' system used
to get data such as byte counters and memory usage values on remote systems,
such as routers and even servers. SNMP trap messages are configured on the
remote system to alert/inform (usually) a central system that some event has
occurred; for example a disk has neared capacity or a CPU is overheating.
Sorry, but what you are trying to do is not going to work; syslog-ng will not
read SNMP trap information.
From looking on the Internet I can see why you are getting confused. Seems
Linksys have decided in their infinite wisdom to use SNMP trap messages for
logging :-/
Have a look at the following:
http://freshmeat.net/projects/linksysd/
Using this on your system instead (or to relay onto syslog-ng after
converting the SNMP trap alerts to syslog messages) should help you along.
Have fun
Alex
[1] http://en.wikipedia.org/wiki/Simple_Network_Management_Protocol#SNMPv2_and_Structure_of_Management_Information
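
Added example (not part of the original post, and not code from syslog-ng or linksysd): the difference between the two protocols shows in the first bytes of the captured UDP payload, since a syslog message opens with a text `<PRI>` header while a community-based SNMP message is a BER SEQUENCE. The function names and both sample packets below are constructed for illustration.

```python
import re

SYSLOG_PRI = re.compile(rb"^<(\d{1,3})>")
PDU_NAMES = {0xA4: "trap-v1", 0xA6: "inform", 0xA7: "trap-v2"}

def _ber_tlv(buf, off):
    """Decode one BER TLV at buf[off]; return (tag, value, next_offset)."""
    tag, length = buf[off], buf[off + 1]
    off += 2
    if length & 0x80:  # long form: low 7 bits = number of length octets
        n = length & 0x7F
        length = int.from_bytes(buf[off:off + n], "big")
        off += n
    if off + length > len(buf):
        raise ValueError("truncated BER value")
    return tag, buf[off:off + length], off + length

def classify(payload):
    """Label a UDP payload as syslog, community-based SNMP (v1/v2c), or unknown."""
    m = SYSLOG_PRI.match(payload)
    if m and int(m.group(1)) <= 191:  # PRI = facility * 8 + severity
        pri = int(m.group(1))
        return {"kind": "syslog", "facility": pri >> 3, "severity": pri & 7}
    try:
        tag, msg, _ = _ber_tlv(payload, 0)         # outer SEQUENCE
        vtag, version, off = _ber_tlv(msg, 0)      # INTEGER version (0 = SNMPv1)
        ctag, community, off = _ber_tlv(msg, off)  # OCTET STRING community
        if (tag, vtag, ctag) != (0x30, 0x02, 0x04):
            raise ValueError("not an SNMPv1/v2c message")
        pdu_tag = msg[off]
    except (ValueError, IndexError):
        return {"kind": "unknown"}
    return {"kind": "snmp", "version": int.from_bytes(version, "big"),
            "community": community.decode("ascii", "replace"),
            "pdu": PDU_NAMES.get(pdu_tag, "other")}

def _tlv(tag, val):
    """Short-form BER encoder, used only to build the constructed sample."""
    return bytes([tag, len(val)]) + val

# Constructed SNMPv1 Trap-PDU (not captured from a real router).
SAMPLE_TRAP = _tlv(0x30, _tlv(0x02, b"\x00") + _tlv(0x04, b"public") + _tlv(0xA4,
    _tlv(0x06, bytes.fromhex("2b0601040100")) + _tlv(0x40, bytes([192, 168, 1, 1]))
    + _tlv(0x02, b"\x06") + _tlv(0x02, b"\x01") + _tlv(0x43, b"\x00") + _tlv(0x30, b"")))
# Constructed syslog line as it would arrive on UDP 514.
SAMPLE_SYSLOG = b"<134>Apr  8 01:54:32 router kernel: constructed sample"

if __name__ == "__main__":
    for name, pkt in (("trap", SAMPLE_TRAP), ("syslog", SAMPLE_SYSLOG)):
        print(name, classify(pkt))
```

A payload classified as `snmp` needs a trap receiver or converter in front of syslog-ng; only the `syslog` kind can be consumed by a syslog-ng UDP source directly.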