This Admin Guide explains how to collect a syslog trace from Wildix devices without installing a syslog server.
Collecting syslog from your Wildix devices is useful for debugging various issues. The best solution is to install a syslog server reachable from outside your network. If a syslog server can't be installed, you can still capture the data from your Wildix devices.
To capture a single trace:
-v -s0 -i any host <DEVICE_IP> and port 514
Where:
<DEVICE_IP> is the IP address of your device.
Note: a pcap file “trace_YYYY-MM-DD_HH-MM.pcap” is saved to the /mnt/backups/traces/ folder.
Important: The maximum size of one file is 50MB. If the size exceeds 50MB, a new file is generated automatically.
To capture a long-time trace:
Open Terminal in the top menu of WMS and run the following command via SSH:
Note: the access to Terminal is enabled only for admin users.
# sudo tcpdump -s0 -i any -w /mnt/backups/traces/<FILE_NAME>.pcap host <DEVICE_IP> and port 514
Where:
<FILE_NAME> is the name of a file. You can put any name here.
<DEVICE_IP> is the IP address of your device.
Example:
# sudo tcpdump -s0 -i any -w /mnt/backups/traces/test_trace.pcap host 10.100.5.127 and port 514
Note: in case you need to collect syslog trace from various devices, run the following command via SSH:
Where: <FILE_NAME> is the name of a file. <DEVICE_1>, <DEVICE_2>, <DEVICE_3> are the IP addresses of your devices.
# sudo tcpdump -s0 -i any -w /mnt/backups/traces/<FILE_NAME>.pcap host <DEVICE_IP> and port 514 -C 50 -W 10&
Where:
<FILE_NAME> is the name of a file.
<DEVICE_IP> is the IP address of your device.
-C XX is the max size in MB for each pcap file.
-W XX is the max number of pcap files.
& means that the pcap trace runs in the background (it stays active even if you terminate the SSH session).
ps aux | grep tcpdump
To stop a trace, run the following command, replacing <PID> with the process ID:
kill -9 <PID>
Run the following command via SSH:
# sudo tcpdump -A -r /mnt/backups/traces/<FILE_NAME>.pcap | sed '/^\s*$/d' | grep -v "SYSLOG" > /mnt/backups/traces/syslog_device_YYYY-MM-DD.log
Where:
<FILE_NAME> is the name used to generate a long-time trace (see Method 2).
/home/admin/syslog_device_YYYY-MM-DD.log
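An alternative way to pull the syslog messages out of a downloaded trace, as an added example that is not part of the Wildix guide: a Python parser that reads the pcap directly instead of filtering `tcpdump -A` text. It assumes a classic pcap file captured with `-i any` (Linux cooked link types 113 or 276) carrying IPv4/UDP syslog; the function names and the sample capture are constructed for illustration.

```python
import struct

# On-disk pcap magic -> struct byte-order prefix (microsecond timestamps)
MAGICS = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}
# "-i any" captures use Linux cooked headers: linktype -> (header length, EtherType offset)
COOKED = {113: (16, 14), 276: (20, 0)}

def syslog_payloads(pcap, port=514):
    """Return [(source_ip, message)] for IPv4/UDP packets to or from `port`."""
    order = MAGICS.get(pcap[:4])
    if order is None or len(pcap) < 24:
        raise ValueError("not a classic pcap file")
    linktype = struct.unpack_from(order + "I", pcap, 20)[0] & 0xFFFF
    if linktype not in COOKED:
        raise ValueError(f"unsupported link type {linktype}")
    hdr_len, type_off = COOKED[linktype]
    found, pos = [], 24
    while pos + 16 <= len(pcap):
        incl_len = struct.unpack_from(order + "I", pcap, pos + 8)[0]
        frame = pcap[pos + 16 : pos + 16 + incl_len]
        if len(frame) < incl_len:
            break  # file ends mid-record, e.g. the capture was killed abruptly
        pos += 16 + incl_len
        ip = frame[hdr_len:]
        if frame[type_off:type_off + 2] != b"\x08\x00" or len(ip) < 20:
            continue  # not IPv4
        ihl = (ip[0] & 0x0F) * 4
        fragment_offset = struct.unpack_from("!H", ip, 6)[0] & 0x1FFF
        if ip[9] != 17 or fragment_offset or len(ip) < ihl + 8:
            continue  # not UDP, or a later fragment without a UDP header
        sport, dport, udp_len = struct.unpack_from("!HHH", ip, ihl)
        if port in (sport, dport):
            text = ip[ihl + 8 : ihl + udp_len].decode("utf-8", "replace")
            found.append((".".join(map(str, ip[12:16])), text.rstrip()))
    return found

def sample_pcap():
    """Constructed capture: one cooked-v1 syslog packet plus a cut-off record."""
    msg = b"<134>constructed sample message\n"
    udp = struct.pack("!HHHH", 40000, 514, 8 + len(msg), 0) + msg
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     bytes([10, 100, 5, 127]), bytes([10, 100, 5, 1])) + udp
    frame = b"\x00" * 14 + b"\x08\x00" + ip
    record = struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame
    header = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 262144, 113)
    return header + record + record[:30]

if __name__ == "__main__":
    print(syslog_payloads(sample_pcap()))
```

To use it on a real trace, pass the file contents, for example `syslog_payloads(open(path, "rb").read())`, where `path` is the pcap copied from /mnt/backups/traces/.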