Difference between revisions of "Manual:System/Log"

From MikroTik Wiki
Jump to: navigation, search
m
Line 1: Line 1:
 +
<h2>Summary</h2>
 +
 +
<p><b>Sub-menu level:</b> <code>
 +
<br />
 +
: /system logging
 +
: /log
 +
</code>
 +
</p>
 +
 +
<p>
 +
<br />
 +
RouterOS is capable of logging various system events and status information. Logs can be saved in routers memory (RAM), disk, file, sent by email or even sent to remote syslog server (RFC 3164).
 +
</p>
 +
 +
<h2>Log messages</h2>
 +
<p>
 +
All messages stored in routers local memory can be printed from <code>/log</code> menu. Each entry contains time and date when event occurred, topics that this message belongs to and message itself.
 +
<pre>
 +
[admin@ZalaisKapots] /log> print
 +
jan/02/1970 02:00:09 system,info router rebooted
 +
sep/15 09:54:33 system,info,account user admin logged in from 10.1.101.212 via winbox
 +
sep/15 12:33:18 system,info item added by admin
 +
sep/15 12:34:26 system,info mangle rule added by admin
 +
sep/15 12:34:29 system,info mangle rule moved by admin
 +
sep/15 12:35:34 system,info mangle rule changed by admin
 +
sep/15 12:42:14 system,info,account user admin logged in from 10.1.101.212 via telnet
 +
sep/15 12:42:55 system,info,account user admin logged out from 10.1.101.212 via telnet
 +
</pre>
 +
</p>
 +
 +
<b>Note</b> that print command accepts several parameters that allows to detect new log entries, print only necessary messages and so on. For more information about parameters refer to [[Scripting#print_parameters | scripting manual]]
 +
For example following command will print all log messages where one of the topics is info and will detect new log entries until Ctrl+C is pressed
 +
<pre>
 +
[admin@ZalaisKapots] /log > print follow where topics~".info"
 +
12:52:24 script,info hello from script
 +
-- Ctrl-C to quit.
 +
</pre>
 +
 
== Logging to file ==  
 
== Logging to file ==  
  

Revision as of 12:55, 17 September 2009

Summary

Sub-menu level:

/system logging
/log


RouterOS is capable of logging various system events and status information. Logs can be saved in routers memory (RAM), disk, file, sent by email or even sent to remote syslog server (RFC 3164).

Log messages

All messages stored in routers local memory can be printed from /log menu. Each entry contains time and date when event occurred, topics that this message belongs to and message itself.

[admin@ZalaisKapots] /log> print 
jan/02/1970 02:00:09 system,info router rebooted 
sep/15 09:54:33 system,info,account user admin logged in from 10.1.101.212 via winbox 
sep/15 12:33:18 system,info item added by admin 
sep/15 12:34:26 system,info mangle rule added by admin 
sep/15 12:34:29 system,info mangle rule moved by admin 
sep/15 12:35:34 system,info mangle rule changed by admin 
sep/15 12:42:14 system,info,account user admin logged in from 10.1.101.212 via telnet 
sep/15 12:42:55 system,info,account user admin logged out from 10.1.101.212 via telnet 

Note that print command accepts several parameters that allows to detect new log entries, print only necessary messages and so on. For more information about parameters refer to scripting manual For example following command will print all log messages where one of the topics is info and will detect new log entries until Ctrl+C is pressed

[admin@ZalaisKapots] /log > print follow where topics~".info"
12:52:24 script,info hello from script
-- Ctrl-C to quit.

Logging to file

To log everything to file, add new log action:

/system logging action add name=file target=disk disk-file-name=log

and then make everything log using this new action:

/system logging action=file

You can log only errors there by issuing command:

/system logging topics=error action=file 

This will log into files log.0.txt and log.1.txt.

You can specify maximum size of file in lines by specifying disk-lines-per-file. <file>.0.txt is active file were new logs are going to be appended and once it size will reach maximum it will become <file>.1.txt, and new empty <file>.0.txt will be created.

You can log into USB flashes or into MicroSD/CF (on Routerboards) by specifying it's directory name before file name. For example, if you have accessible usb flash as usb1 directory under /files, you should issue following command:

/system logging action add name=usb target=disk disk-file-name=usb1/log