Skip to end of banner
Go to start of banner

How to collect Syslog from Wildix Devices

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

 

Sometimes is required to collect syslog from Wildix devices in order to debug some issues.
Best way is to set up within a company, a syslog server, reachable from outside. Then provision the Wildix device with your Syslog server IP.
In case you do not have a syslog server in place, you can still have the possibility to grab the log from your Wildix device.
Here you are an easy way to do that in just 5 easy steps.


1. Enable Syslog server in the your device via provisioning

Goes to “Devices -> Edit -> Syslog Server” , enable it and set the Wildix PBX IP. Then click on “Configure/Sync device”

 

2. Capture the syslog from PBX

 

Method 1 (if you need a one-shot trace)

From PBX web interface, under “Settings -> Tools & Utilities -> Generate Trace”, select “Custom tcpdump” and add the following string:


-v -s0 -i any host <DEVICE_IP> and port 514

 

Where <DEVICE_IP> is the IP address of your device.

Then click to “start”.
When over, click to "stop".

NOTE: in this case the file name will be automatically created when you press “Stop” as “trace_YYYY-MM-DD_HH-MM.pcap” and saved under /mnt/backups/traces/ folder.

*ATTENTION*: In this way the system will run a trace and will write 1 file till it reaches 50MB. After that the file will be overwritten.

Where <DEVICE_IP> is the IP address of your device.

Method 2 (if you need to run syslog trace log time)

From PBX command line run the following command:

 

# sudo tcpdump -s0 -i any -w /mnt/backups/traces/<FILE_NAME>.pcap host <DEVICE_IP> and port 514

 

Once you have done the test call, you can press CRTL+C to exit.

 

If you need to activate a long time trace in background use the following command : 

# sudo tcpdump -s0 -i any -w /mnt/backups/traces/<FILE_NAME>.pcap host <DEVICE_IP> and port 514 -C 50 -W 10&

-W XX defines the max number of pcap files 

-C XX defines the max size in MB for each pcap file

& means that pcap trace will be activated in background (it will be still active even if you terminate the ssh session). To stop a trace in background :
  • launch ps aux |grep tcpdump    to check process id
  • kill -9 <PID> (PID = process id from previous point) 


3. Generate the syslog file


From PBX command line run the following command:

 

# sudo tcpdump -A -r /mnt/backups/traces/<FILE_NAME>.pcap | sed '/^\s*$/d' | grep -v "SYSLOG" > /home/admin/syslog_device_YYYY-MM-DD.log

4. Download the syslog

Download file /home/admin/syslog_device_YYYY-MM-DD.log

 

5. Disable syslog on the device

See step 1, and remove the IP from provisioning field

  • No labels