Sending syslog messages to a mac

(very old draft)

I have a router that is playing-up. It locks-up about once per day. The router is a DG834GV (v1). I recently changed ISPs and the router started to lock-up - it could just be a coincidence. My new ISP resells Telstra's ADSL(1) service so the DSLAM and probably the port are unchanged. Anyway, I thought it might be nice to see if there are any syslog messages being sent just before the router locks-up. I have a mac that runs OS-X (currently 10.5.5) that has a syslog server. So I thought I could use it to capture the syslog messages. The computer said no. The apple default configuration only logs local syslog messages. A quick google search showed that other people have re-configured it to work so I followed some instructions (which I have modified) I found here:

To enable your Leopard system to receive network syslog messages edit: /System/Library/LaunchDaemons/com.apple.syslogd.plist Open the Terminal application found in Applications/Utilities. Type sudo nano /System/Library/LaunchDaemons/com.apple.syslogd.plist Find this comment: "Un-comment the following lines to enable the network syslog protocol listener". If you can not find this comment, see my note below on my upgraded Tiger system. Change the next <!-- into <!-- --> and the following --> into <!-- -->. Now save the file by holding down the control key and pressing o to write-out the file and then you can hold control and press x to exit the editor. To enable these changes you need to restart the syslog server: sudo launchctl unload /System/Library/LaunchDaemons/com.apple.syslogd.plist sudo launchctl load /System/Library/LaunchDaemons/com.apple.syslogd.plist That should allow your external device to dump it’s log into the system log. In my case I also needed to enable syslog packets through my manually configured firewall so I executed the following command: sudo ipfw add 5 allow log udp from any to any syslog in Note: This would need to be re-entered after a re-boot. I can now see syslog messages from my router being logged to my mac using the Console application found in Applications/Utilities. Here is an example of a syslog message from my router: 12/01/09 1:33:55 AM IP address is the same, and does not need to be updated! Testing From a terminal you can issue the following command to send a syslog message to your logger:

syslog -s -r yourMacsName.local "some message" or you can use the IP address of your mac: syslog -s -r 10.0.0.1 "some message" See the man page for syslog for a full description of the message format. Upgraded Tiger Systems I also have a PowerBook G4 that has been upgraded from Tiger to Leopard and it has a slightly different /System/Library/LaunchDaemons/com.apple.syslogd.plist file. The main problem is that it does not appear to have the comment I referred to. So to enable it you need to un-comment the NetworkListener key and following dict lines. Unfortunately, I can not get this syslog server to work.