Meraki

rhbirkelund · ‎Dec 29 2018

Hey,

Anyone out there, tried setting up rsyslog to receive syslogging from an MX, instead of syslog? I'm messing around with a small IoT solution (RPi) to send out to clients during installation phases, where I need more detailed eventlogs.

RPi comes native with rsyslog, so I wanted to try using that instead of messing around with two different instances of syslog.

LinkedIn ::: https://blog.rhbirkelund.dk/

Like what you see? - Give a Kudo ## Did it answer your question? - Mark it as a Solution 🙂

All code examples are provided as is. Responsibility for Code execution lies solely your own.

PhilipDAth · ‎Dec 29 2018

From an external point of view syslog, syslog-ng and rsyslog all look identical (when using udp/514).

You can just use rsyslog. You wont need to install any otehr syslog daemon at the same time.

rhbirkelund · ‎Dec 30 2018

@PhilipDAth wrote:
From an external point of view syslog, syslog-ng and rsyslog all look identical (when using udp/514).

You can just use rsyslog. You wont need to install any otehr syslog daemon at the same time.

That is also my plan. To just use rsyslog, since it is native with the RPi.

But I want to split the meraki events to a separate log file, so I don't end up cluttering the RPi events with Meraki events. As well as, maybe do some Linux best practices.

I was hoping someone had any experience with rsyslog and Meraki, and perhaps be willing to share a conf-file.

LinkedIn ::: https://blog.rhbirkelund.dk/

Like what you see? - Give a Kudo ## Did it answer your question? - Mark it as a Solution 🙂

All code examples are provided as is. Responsibility for Code execution lies solely your own.

PhilipDAth · ‎Dec 30 2018

Splitting the log file by IP address is an easy way of doing this.

https://firegenanalytics.com/2018/02/configuring-rsyslog-to-split-the-logs-by-device-ip-and-rotate-t...

Meraki

Community

Using rsyslog instead of syslog

Using rsyslog instead of syslog