pfsense change syslog config
-
Hello,
i have pfsense , i install apache on it too.
i want to send apache logs to remote syslog
pfsense already sent the pfsense normal logs to it.
when i try to add apache log files to syslog.conf its not save it after restart syslog service.
so what i have to do ?
thanks. -
Try creating your own
apache.confin/var/etc/syslog.d/./etc/syslog.conf should have an include line it for /var/etc/syslog.d.
$ cat /etc/syslog.conf # Automatically generated, do not edit! # Place configuration files in /var/etc/syslog.d !* include /var/etc/syslog.d # /* Manually added files with non-conflicting names will not be automatically removed */On a side note, installing apache on your pfSense is probably not a good idea. You should really create a DMZ and run apache on its own box/VM.
-
@torred said in pfsense change syslog config:
include /var/etc/syslog.d
Hello,
i can do any changes in /etc/syslog.conf every time i tried to add anything its delete after restart syslog service
thnaks. -
Hello,
i add these lines:
CustomLog "| /bin/sh -c '/usr/bin/tee -a /var/log/access.log | /usr/bin/logger -tacc -plocal1.notice'" combined
is work
but:
ErrorLog "|/bin/sh -c '/usr/bin/tee -a /var/log/error.log | /usr/bin/logger -terr-plocal1.err'"
is write to file but not send to systlog
thnaks. -
$ cat /etc/syslog.conf # Automatically generated, do not edit!Do not edit that file.
The include line I mentioned tells the system to load custom syslog configuration files from /var/etc/syslog.d/.
Try this:
$ printf "local1.notice\t\t/var/log/access.log\n" > /var/etc/syslog.d/apache.conf $ service syslogd restartIn your apache.conf (not the syslog.d/apache.conf) you should having something like this:
CustomLog "|/usr/bin/logger -t httpd -p local1.notice" combinedAlso, one more time so I feel like I properly warned you. Do not run your own webserver on your firewall. All it takes is you making a mistake in your server code and now someone has compromised your firewall. DO NOT DO THIS.