Syslog
On this page, you can define in detail how the system log (syslog) is supposed to work.
For the syslog to work correctly, you have to do the following:
- Allow the syslog port in the firewall settings. You can do it in Settings Syst. settings Security.
- Set server_ip correctly in Settings Syst. settings General. Enter the IP address of the ISPadmin server. All MikroTik routers will send data from their system logs to this IP address.
General configuration of syslog
| syslog_enable | Activate / deactivate the syslog server. After installation, the function is not active. Therefore, it is necessary to activate it. |
|---|---|
| syslog_store_days | Set how long data are to be stored on the server (default: 14 days). |
| syslog_store_lines | Set how many entries are to be stored in the database (default: 250000). |
Filters
On this page, you can add, edit and delete filters that will force the system to discard entries containing the text that you have entered.
Examples of filters:
user admin .* in from
user admin logged out from
If you add these filters to the system, logins / logouts of ISPadmin to / from MikroTik routers will not be recorded in the syslog. These particular filters are useful, as there can be quite a large number of login/logout entries and they have a low informative value.
Selection of monitored items
Here you can define which groups of messages from routers will be monitored. You can deactivate / activate individual items in the list by clicking on 
and 
.
When you are configuring the syslog for the first time, it is recommended that you activate only a limited number of items and monitor the behaviour of the system. If everything is all right, you can activate further items. If you begin to monitor too many items and your server is not powerful enough, it might happen that your server will be busy!