Email notification setup not completed the logs



  • Hi everyone,

    I'd like to ask what's wrong with my setup in my pfsense. I have setup email notification and its working fine to send a logs in my email but the only problem the logs is not completed. I want to get the complete logs everday but in my current setup i got only 50 logs. Hope you will help me regarding this issue. Thanks.

    P.S if you have suggestion any alternative how to get full logs everday, please let me know. Im really sorry i'm newbie in pfsense. Thanksbolded text



  • Do you mean you're only getting 50 lines of log? After you create the report, you can edit it to choose the number of lines.



  • I'm using -> Send log messages to remote syslog server
    under Status / System Logs / Settings
    i have another pc running linux with rsyslog collecting all the data and rotating it daily, there are also software for windows if you don't have a linux machine that can do it. if you need you can take the generated daily log and send it via email.


  • Netgate Administrator

    You mean using the mailreport package I assume?

    In which case there is a field to change that Enter the number of rows to include in the report.

    But, yes, if you just want to export the logs you should use syslog:
    https://docs.netgate.com/pfsense/en/latest/monitoring/copying-logs-to-a-remote-host-with-syslog.html

    Steve



  • @kiokoman thanks maybe i need to use syslog than to email notification package. Do you have any tutorial how to install it on linux and what application did you use on your linux? What i really want is to keep all my logs. Thanks everyone to your reply. Thanks. :)



  • @provels thanks. How do i edit the line. I got only 50 lines in my email. I already edited in the status-system logs-settings the line on 50 to 2000 but still the problem is the same. Thanks.



  • @stephenw10 yes email package. How can i adjust the row that you have said? Is there any way to get all the logs using email package or i need to use syslog?



  • the package that i use under linux is rsyslog

    log.jpg

    add this to /etc/rsyslog.conf

    module(load="imuxsock") # provides support for local system logging
    $ModLoad imfile
    #module(load="immark")  # provides --MARK-- message capability
    
    # provides UDP syslog reception
    module(load="imudp")
    input(type="imudp" port="514")
    
    # provides TCP syslog reception
    #module(load="imtcp")
    #input(type="imtcp" port="514")
    
    # provides kernel logging support and enable non-kernel klog messages
    module(load="imklog" permitnonkernelfacility="on")
    
    

    create a file inside /etc/rsyslog.d/33-pfsense.conf

    if $programname == 'suricata' then /var/log/pfsense-suricata.log
    & stop
    
    if $programname == 'filterlog' then /var/log/pfsense-filterlog.log
    & stop
    
    if $programname == 'filterdns' then /var/log/pfsense-filterdns.log
    & stop
    
    if $programname == 'hostapd' then /var/log/pfsense-hostapd.log
    & stop
    
    if $programname == 'radvd' then /var/log/pfsense-radvd.log
    & stop
    

    you can add more filter just follow the pattern

    add every /var/log/pfsense-*.log to /etc/logrotate.d/rsyslog

    example :

    kiokoman@nanto:/etc/logrotate.d$ cat rsyslog
    
    /var/log/syslog
    {
            rotate 7
            daily
            missingok
            notifempty
            delaycompress
            compress
            postrotate
                    /usr/lib/rsyslog/rsyslog-rotate
            endscript
    }
    
    /var/log/mail.info
    /var/log/mail.warn
    /var/log/mail.err
    /var/log/mail.log
    /var/log/daemon.log
    /var/log/kern.log
    /var/log/auth.log
    /var/log/user.log
    /var/log/lpr.log
    /var/log/cron.log
    /var/log/debug
    /var/log/messages
    /var/log/tftp
    /var/log/named.log
    /var/log/named/client.log
    /var/log/named/config.log
    /var/log/named/database.log
    /var/log/named/default.log
    /var/log/named/dispatch.log
    /var/log/named/dnssec.log
    /var/log/named/general.log
    /var/log/named/lame-servers.log
    /var/log/named/network.log
    /var/log/named/notify.log
    /var/log/named/queries.log
    /var/log/named/resolver.log
    /var/log/named/security.log
    /var/log/named/unmatched.log
    /var/log/named/update.log
    /var/log/named/xfer-in.log
    /var/log/named/xfer-out.log
    /var/log/pfsense-suricata.log
    /var/log/pfsense-radvd.log
    /var/log/pfsense-filterdns.log
    /var/log/pfsense-filterlog.log
    


  • @kiokoman thank you so much for this tutorial. I will try this setup. Once again, thank you so much I really appreciate your help. :)


Log in to reply