Question about Syslog configuration
-
I have a pfsense 2.2.6, and I use the haproxy-devel package. This package use syslog (through /var/run/log, by default), but I've seen no log entries.
I'd like to have a separated log fie for Haproxy.I've done a few tries and Internet searches, without fully understand how the pfsense logging system works.
I'm fairly new to pfsense (or any *BSD), so perhaps I'm missing something obvious.When accessing by SSH, I can see there is no syslog service (nothing in /etc/rc.d/, neither in /usr/local/etc/rd.d/), but syslogd is still running.
There is a /etc/syslog.conf file, but modifications are canceled after each reboot.So, I guess it's the webGUI which start and manages syslogd, an then the config can be done only from the GUI. Correct ?
Is it possible to add a custom rule to this syslog instance ?If not, it is possible to disable the handling of syslog by the webGUI, and replace it with a classic service ?
What are my others options ? -
Afaik, not a lot of options today.. Basically it would be nice if this pull-request could be committed, https://github.com/pfsense/pfsense/pull/2616 but not sure if/when that is going to happen.. After that i could take another look at options to log things locally from haproxy..
Probably the best thing to do would be to configure a external syslog server.. That can be done currently and works nicely.. Also allows for some more log storage analyses options..
-
Well, there is syslog-ng package, at least in 2.3, so you can try to use it.
"syslog-ng 1.1.2_3 Syslog-ng syslog server. This service is not intended to replace the default pfSense syslog server but rather acts as an independent syslog server.
Package Dependencies:
logrotate-3.9.2 syslog-ng-3.7.3_1 "