Question about Syslog configuration



  • I have a pfsense 2.2.6, and I use the haproxy-devel package. This package use syslog (through /var/run/log, by default), but I've seen no log entries.
    I'd like to have a separated log fie for Haproxy.

    I've done a few tries and Internet searches, without fully understand how the pfsense logging system works.
    I'm fairly new to pfsense (or any *BSD), so perhaps I'm missing something obvious.

    When accessing by SSH, I can see there is no syslog service (nothing in /etc/rc.d/,  neither in /usr/local/etc/rd.d/), but syslogd is still running.
    There is a /etc/syslog.conf file, but modifications are canceled after each reboot.

    So, I guess it's the webGUI which start and manages syslogd, an then the config can be done only from the GUI. Correct ?

    Is it possible to add a custom rule to this syslog instance ?If not, it is possible to disable the handling of syslog by the webGUI, and replace it with a classic service ?
    What are my others options ?



  • Afaik, not a lot of options today.. Basically it would be nice if this pull-request could be committed, https://github.com/pfsense/pfsense/pull/2616 but not sure if/when that is going to happen.. After that i could take another look at options to log things locally from haproxy..

    Probably the best thing to do would be to configure a external syslog server.. That can be done currently and works nicely.. Also allows for some more log storage analyses options..



  • Well, there is syslog-ng package, at least in 2.3, so you can try to use it.

    "syslog-ng  1.1.2_3  Syslog-ng syslog server. This service is not intended to replace the default pfSense syslog server but rather acts as an independent syslog server.

    Package Dependencies:
     logrotate-3.9.2    syslog-ng-3.7.3_1   "