Sometimes is required to collect syslog from Wildix devices in order to debug some issues.
Best way is to set up within a company, a syslog server, reachable from outside. Then provision the Wildix device with your Syslog server IP.
In case you do not have a syslog server in place, you can still have the possibility to grab the log from your Wildix device.
Here you are an easy way to do that in just 5 easy steps.
1. Enable Syslog server in the your device via provisioning
Goes to “Devices -> Edit -> Syslog Server” , enable it and set the Wildix PBX IP. Then click on “Configure/Sync device”
2. Capture the syslog from PBX
Method 1 (if you need a one-shot trace)
From PBX web interface, under “Settings -> Tools & Utilities -> Generate Trace”, select “Custom tcpdump” and add the following string:
-v -s0 -i any host <DEVICE_IP> and port 514
Where <DEVICE_IP> is the IP address of your device.
Then click to “start”.
When over, click to "stop".
NOTE: in this case the file name will be automatically created when you press “Stop” as “trace_YYYY-MM-DD_HH-MM.pcap” and saved under /mnt/backups/traces/ folder.
*ATTENTION*: In this way the system will run a trace and will write 1 file till it reaches 50MB. After that the file will be overwritten.
Where <DEVICE_IP> is the IP address of your device.
Method 2 (if you need to run syslog trace log time)
From PBX command line run the following command:
# sudo tcpdump -s0 -i any -w /mnt/backups/traces/<FILE_NAME>.pcap host <DEVICE_IP> and port 514
Once you have done the test call, you can press CRTL+C to exit.
If you need to activate a long time trace in background use the following command :
# sudo tcpdump -s0 -i any -w /mnt/backups/traces/<FILE_NAME>.pcap host <DEVICE_IP> and port 514 -C 50 -W 10&
-W XX defines the max number of pcap files
-C XX defines the max size in MB for each pcap file
& means that pcap trace will be activated in background (it will be still active even if you terminate the ssh session). To stop a trace in background :
- launch ps aux |grep tcpdump to check process id
- kill -9 <PID> (PID = process id from previous point)
3. Generate the syslog file
From PBX command line run the following command:
# sudo tcpdump -A -r /mnt/backups/traces/<FILE_NAME>.pcap | sed '/^\s*$/d' | grep -v "SYSLOG" > /home/admin/syslog_device_YYYY-MM-DD.log
4. Download the syslog
Download file /home/admin/syslog_device_YYYY-MM-DD.log
5. Disable syslog on the device
See step 1, and remove the IP from provisioning field