• November 01, 2024, 06:33:23 AM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Author Topic: DiR 655 and rSyslog  (Read 5286 times)

moxmadrid

  • Level 1 Member
  • *
  • Posts: 1
DiR 655 and rSyslog
« on: December 12, 2013, 10:40:59 PM »

Hi,

I'm pretty new to using D-Link devices so here is my question. (I hope this is not a limitation or something.)

I have an Ubuntu Server 12.04 LTS running rsyslog storing syslog files everyday to a local NAS.  I was able to set thing up right correctly,i can see data, but what I cannot see is traffic, specially http and other udp for streaming.  I was used to seeing websites and IP that a computer is going to with another brand but not with the syslog fiels im getting from my 655.

any thoughts on this would be great.
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: DiR 655 and rSyslog
« Reply #1 on: December 13, 2013, 07:08:13 AM »

Link>Welcome!

  • What Hardware version is your router? Look at sticker under router.
  • Link>What Firmware version is currently loaded? Found on the routers web page under status.
  • What region are you located?

I'm not fully sure if what your asking is supported using syslog on D-Link routers. Most of the data collection for D-Link routers using syslog is for diagnostic use and information of the routers processes and behaviors and mainly doesn't have that kind of data collection.

You may want to phone contact D-Link support and ask them what the syslog feature standard is and what it collects officially.

Let us know how it goes...
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.

FlashGordon

  • Level 1 Member
  • *
  • Posts: 3
Re: DiR 655 and rSyslog
« Reply #2 on: December 26, 2013, 05:43:20 AM »

@moxmadrid

Just purchased an DIR-868L, partly on the basis that it would be able to provide useful FW logging information (external port scans and such). However, after trying every combination of log types and levels e.g. Firewall& Security\Information (which actually reverts to System\Information), found it records no such activity events on the WAN port. This seems a bit strange since the logs can be sent to a SYSLOG server, something that might normally be expected to be provided for recording such activity.

Would be very interested to see what sort of response you get back from DLINK support on standard syslog data set.
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: DiR 655 and rSyslog
« Reply #3 on: March 24, 2014, 12:17:28 PM »

Any status on this?  ???
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.

FlashGordon

  • Level 1 Member
  • *
  • Posts: 3
Re: DiR 655 and rSyslog
« Reply #4 on: April 14, 2014, 01:07:21 AM »

Apologies for late reply. When we got bridge mode (with 1.07?), I dropped separate a modem and hardware firewall in front of it.

D-Link support response was:
 
'It will only send the basic information to the syslog server, the same as you see in the log within the router. The router wont actually be able to send any external scans like this, on the consumer routers the logging is pretty much basic and you canīt get so much information from it. The log will show actions in the router hardware, blocked udp and tcp requests etc. If you are looking for more options a firewall might be a better option in this case.'.
Logged

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Re: DiR 655 and rSyslog
« Reply #5 on: April 14, 2014, 08:48:53 AM »

Bridge mode came in on v1.02...

Thanks for sharing this info.

Apologies for late reply. When we got bridge mode (with 1.07?), I dropped separate a modem and hardware firewall in front of it.

D-Link support response was:
 
'It will only send the basic information to the syslog server, the same as you see in the log within the router. The router wont actually be able to send any external scans like this, on the consumer routers the logging is pretty much basic and you canīt get so much information from it. The log will show actions in the router hardware, blocked udp and tcp requests etc. If you are looking for more options a firewall might be a better option in this case.'.

Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.