Graylog Server setup on Old Compaq Laptop running Ubuntu.

phillyaj

Occasional Visitor
So I've been trying to figure out how I can capture logs from my Asus routers (RT-AX86U and RT-AC68U mesh node), and I finally got it up and running. It bugs me that when I have issues and need to restart the router, I can't go back and see what the hell happened. There's got to be a way.. :confused:

Here's what I did.

Had an old Compaq Presario C700 Laptop with 2G of RAM and 100G HD laying around collecting dust, so I decided to put it to work.

First I created an Ubuntu 20.10 boot image on a USB stick and did a wipe and install of Ubuntu.
I found that "Graylog" has an open source FREE version that you can use, and the price was right!!
After getting the system all updated and patched, I followed the installation documentation here..
After some tweaking, patching and googling to get Java to load and all the services to start...I was able to get the server up and running.

Now...to send it some logs. First I had to set up an input listener. I found that you can't listen on port 514 (default for Syslog), so I was able to set it up to listen on port 1514.

Logged onto my Primary router (RT-AX86U) and set the Remote Log Server to my Laptop IP and port 1514 and Voila!!!
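The setup described in the post above (router sending syslog over UDP to an unprivileged port on the laptop), as an added example that is not part of the original post: a minimal Python receiver on port 1514 that decodes the PRI field into facility and severity. On Linux, ports below 1024 need root or CAP_NET_BIND_SERVICE, which is why a collector running as a normal user cannot bind 514. The BSD-style (RFC 3164) message layout and the sample datagrams are assumptions constructed for illustration, not captures from an Asus router.

```python
import re
import socketserver

SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
              "uucp", "cron", "authpriv", "ftp", "ntp", "audit", "alert", "clock",
              *[f"local{i}" for i in range(8)]]

# Assumed layout: <PRI>Mmm dd hh:mm:ss host tag[pid]: message
LINE = re.compile(
    r"^<(\d{1,3})>(\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (\S+) "
    r"([^:\[\s]+)(?:\[(\d+)\])?: ?(.*)$", re.S)

def parse_syslog(datagram: bytes) -> dict:
    """Decode one UDP syslog datagram; malformed input is kept, not dropped."""
    text = datagram.decode("utf-8", errors="replace").rstrip("\r\n\x00")
    m = LINE.match(text)
    if not m or int(m.group(1)) > 191:       # 191 = facility 23, severity 7
        return {"malformed": True, "message": text}
    pri = int(m.group(1))
    return {
        "malformed": False,
        "facility": FACILITIES[pri >> 3],     # upper bits of PRI
        "severity": SEVERITIES[pri & 7],      # lower three bits of PRI
        "timestamp": m.group(2), "host": m.group(3), "tag": m.group(4),
        "pid": int(m.group(5)) if m.group(5) else None,
        "message": m.group(6),
    }

class Handler(socketserver.BaseRequestHandler):
    def handle(self):
        data, _sock = self.request            # UDP requests are (payload, socket)
        # "host" is whatever the sender wrote; UDP syslog is unauthenticated,
        # so log the source address alongside it.
        print(self.client_address[0], parse_syslog(data))

# Constructed sample datagrams (not real router output)
SAMPLES = [
    b"<30>Dec 17 20:05:34 RT-AX86U dnsmasq-dhcp[1234]: DHCPACK(br0) 192.168.1.50 laptop",
    b"<4>Dec  7 03:10:00 RT-AX86U kernel: DROP IN=eth0 SRC=203.0.113.9",
    b"not a syslog line",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(parse_syslog(sample))
    with socketserver.UDPServer(("0.0.0.0", 1514), Handler) as server:
        server.serve_forever()                # Ctrl-C to stop
```

Restricting UDP 1514 on the laptop's firewall to the routers' addresses keeps other LAN hosts from writing into the log.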


phillyaj

Occasional Visitor
Update for those who care. Graylog was too heavy for what I wanted...i.e. Elasticsearch and MongoDB. I switched to Logalyze, which is a small Java app that I have running on an old laptop running Xubuntu.
 

Chiny91

Occasional Visitor
Looks impressive, but what was not adequate with the default log server in Ubuntu (rsyslog or syslog-ng presumably)? I'm always a sucker for pretty graphs myself, so could be persuaded :)

Currently I use rsyslog running on an Odroid (which also runs other servers), with the output displayed on my Mac. See pic; I just click on the file name and the text file contents get displayed on the right. Easy, reliable but no pretty graphs.


phillyaj

Occasional Visitor
Well...I'm all for simplicity myself.. Yes...using rsyslog was considered...but I am also a sucker for a pretty graph. I found "LOGalyze" to be very light...and it has a nice web interface. Right now I only have my RT-AX86U and the machine running the logging enabled. Graphs are customizable, as well as severity. Still kicking the tires of this..but easy and lite.
