Setting up a Syslog Server

Scope

This article describes setting up a Syslog server on a Windows PC connected to the Axia network.

Description

Sometimes it's necessary to review data in logs to help troubleshoot a problem. In some cases, either the device cannot maintain an internal log (Studio Mix Engine) or reboots/crashes cause internal logs to get lost. Setting up a syslog server can help in this area:

  • It allows the use of more data storage space than the DUT (Device Under Test) has internally

  • It maintains logging after the DUT has crashed/rebooted.

WARNING: Don't develop syslog-induced anxiety! Syslog displays internal warning and error messaging that doesn't always indicate a problem. These messages present the opportunity to invent problems where no symptoms exist (Hypochondriasis!). If you are reviewing data in a Syslog and seeing such messaging, don't be alarmed by it unless there is an actual problem. "Take it all with a grain of salt," they say. Also, bear in mind that Syslog is only for internal message reporting. It's not a good solution for operational situations such as seeing if someone pressed a button.

PC Requirements

  • Windows 7 or later (Windows XP may work too)

  • .net 3.5 or Later (enabled on most computers from Add/Remove programs, then Turn Windows Features On or Off

Syslog Installation

NOTICE: syslog_server.exe is a portable executable program that will run without any special installation. Just download and run.

  1. Download syslog_server.exe

  2. Store the file in an appropriate location, such as a Program Files folder

  3. Make a shortcut for your Desktop or Start Menu

  4. Run syslog_server.exe

  5. If Windows complains about any risky business, tell it to run the program anyways.

  6. Tell Windows Firewall to allow this program access to the network

Logging to a File

  1. Click Options on the menu bar

  2. Click the Log tab

  3. Check the Write log information to file checkbox

  4. Choose a folder, filename prefix, and extension

  5. Click Save

Using Syslog Server

In the log configuration of your DUT (Device Under Test), enter the IP address of the PC running syslog_server.exe and set the port value (if prompted) to 514.*

In this example, we're configuring a QOR Engine:

Most loggers will have a logging level setting. Use the value recommended by Telos support. The logging level will vary by the issue being sought.

Resist the urge to set logging to Debug. The debug setting on its own can be very intensive and can cause problems on its own, or make problems worse. You should not use debug unless asked to by support.

TIP: To find the IP address of the PC, open a command prompt and use the command: ipconfig

* - Syslog is a standard for data logging. Syslog clients send messages to a syslog server which may display or save them to a local file. By default, Syslog messages are sent using the UDP protocol on port 514.

Once you setup the log output, return to the running syslog server application and look for incoming messages from the device. This example shows data coming in from a Z/IP Stream R/1.

The controls are pretty intuitive:

  • Use the Filter field to filter specific IP addresses, etc

  • Use the Display checkboxes on the left to filter to a specific level of logging

  • Stop and Start stops and starts the recording of the logger

  • Autoscroll automatically scrolls the logger window as messages arrive

  • Select All selects the entire logger window

  • Copy to Clipboard does precisely that

  • Clear clears the entire logger window

Finally, the program will run in the background, so if you close it, it will still be active in the Windows system tray:

Let us know how we can help

If you have further questions on this topic or have ideas about how we can improve this document, please contact us.