Which is the best way to view my logs in a web interface?

[Cosmo_Kramer]

Hello,
I'd like to be able to check my syslogs via a web interface rather than SSH into the FreeNAS box and read through the files. I don't believe there is a native function for this in FreeNAS, therefore, is there a particular port that any of you would recommend to install in a jail? I'd prefer authentication options to view the logs but it's not necessary.

Thank you for your time.

 

[TheSmoker]

You can use http://logstash.net for collection, aggregation and normalization then you can use http://graylog2.org for displaying purposes.
Warning: i have not used it on freenas yet, but on vanilla freebsd servers.


Sent from my iPad using Tapatalk HD

 

[Cosmo_Kramer]

You can use http://logstash.net for collection, aggregation and normalization then you can use http://graylog2.org for displaying purposes.
Warning: i have not used it on freenas yet, but on vanilla freebsd servers.


Sent from my iPad using Tapatalk HD

Thank you very much for your reply. I currently have the dataset syslog so all my logs are in one place as it is; therefore, I can simply setup a mount point.
Is there anyway you could help me figure out how to install logstash or graylog2 (seeming as how they both offer a webui), either over IM or posts?
I assume I have to install the Java SDK port for logstash and then I have to install the logstash port but I am not exactly sure what to do from there.
I did find this link however:
http://logstash.net/docs/1.2.1/tutorials/getting-started-simple

But it doesn't seem to help me in this instance because I am installing it via ports.

 

[Cosmo_Kramer]

I did get it running but I was getting an error with the elasticsearch.
Any other suggestions for software?

Thanks for your time.

 

[Whattteva]

I'm not sure about the other logs, but /var/log/messages viewer is built-in on FreeNAS. You just have to enable the footer in FreeNAS GUI: System -> Settings -> Advanced -> Show console messages in the footer

 

[Cosmo_Kramer]

I'm not sure about the other logs, but /var/log/messages viewer is built-in on FreeNAS. You just have to enable the footer in FreeNAS GUI: System -> Settings -> Advanced -> Show console messages in the footer

Thank you for the tip.
I have that setup already and it does tell me some messages but I mainly wanted to see the SSH access logs.

 

[dlavigne]

In Shell you can "tail -f /var/log/any_log_name". This is the equivalent to the above (which is really just tail -f /var/log/messages). Use ctrl+c when you are finished watching the log to get the prompt back.

 

[Cosmo_Kramer]

In Shell you can "tail -f /var/log/any_log_name". This is the equivalent to the above (which is really just tail -f /var/log/messages). Use ctrl+c when you are finished watching the log to get the prompt back.

Thanks for the tip. That does work fairly well but it's still not as convenient. I do run AjaXplorer on the NAS in a jail; perhaps I could just mount the syslog dataset in the AjaXplorer jail and view it like that. It'll work, but it's just not that convenient because AjaXplorer can't view the log files natively.

 

[Whattteva]

You can perhaps rename the log files to an extension that it understands natively, they're all just text files after all.
Note: I don't know what AjaXplorer is, so forgive me if I sound ignorant.

 

[Cosmo_Kramer]

You can perhaps rename the log files to an extension that it understands natively, they're all just text files after all.
Note: I don't know what AjaXplorer is, so forgive me if I sound ignorant.

AjaXplorer is like OwnCloud. It is a web GUI for file access with many features (Like dropbox).
That would work on AjaXplorer's end but what I'm worried about is, wouldn't FreeNAS stop logging to those files if they were renamed?

Thanks for all of your help everyone.

 

[Whattteva]

There is a configuration file you can change to rename those files... let me pull it up and post an edit in a few minutes.

EDIT: It's located in /conf/base/etc/syslog.conf
You will need to mount the file system for read/write and reboot for it to take effect.
One caveat of going this route is that it will not survive image upgrades and you will have to redo this step when you upgrade FreeNAS version in the future. Maybe there is a way to do this that will survive updates, but I'm not aware of it and someone else may be able to clue you in.

 

[Cosmo_Kramer]

There is a configuration file you can change to rename those files... let me pull it up and post an edit in a few minutes.

EDIT: It's located in /conf/base/etc/syslog.conf
You will need to mount the file system for read/write and reboot for it to take effect.
One caveat of going this route is that it will not survive image upgrades and you will have to redo this step when you upgrade FreeNAS version in the future. Maybe there is a way to do this that will survive updates, but I'm not aware of it and someone else may be able to clue you in.

Okay, so I took a look at the file and this seems to be exactly what I need to change. How would I go about mounting the file system for read/write?

Thanks again for all of your help.

 

[pirateghost]

AjaXplorer is like OwnCloud. It is a web GUI for file access with many features (Like dropbox).
That would work on AjaXplorer's end but what I'm worried about is, wouldn't FreeNAS stop logging to those files if they were renamed?

Thanks for all of your help everyone.

I wouldn't say ajaxplorer is like Dropbox or owncloud but rather just a webgui file browser.

Here's an idea:
Setup a cron job that cp's the logs out to a mounted directory and names them by date with an extension that works with ajaxplorer

 

[Cosmo_Kramer]

I wouldn't say ajaxplorer is like Dropbox or owncloud but rather just a webgui file browser.

Here's an idea:
Setup a cron job that cp's the logs out to a mounted directory and names them by date with an extension that works with ajaxplorer

That is a good idea. It turns out if I use Chrome instead of Firefox, it lets me double click on the .log file and open it.
So instead of having all of my logs in there, I just selected my auth log.
Here is my script for those interested:

Code:

#!/bin/bash
 
# Set today's date variable in yyyymmdd format
TDY=`date +%Y%m%d`
 
#copy the logs
cp /mnt/Volume/syslog/log/auth.log /mnt/Volume/syslog/parsed/
 
#clear the logs
cp /dev/null /mnt/Volume/syslog/log/auth.log
 
#change owner and rename the logs
chown root:Logs /mnt/Volume/syslog/parsed/auth.log
mv /mnt/Volume/syslog/parsed/auth.log /mnt/Volume/syslog/parsed/auth.${TDY}.log

I have the script running at midnight every day.

 

[Whattteva]

Okay, so I took a look at the file and this seems to be exactly what I need to change. How would I go about mounting the file system for read/write?

Thanks again for all of your help.

To mount read/write, you can use:

Code:

mount -uw /

After you make your changes and reboot, the file system will revert back to read-only automatically, so no need to do anything after.

 

[Dusan]

Code:

mount -uw /

It's better to use "mount -o noatime -uw" to minimize the chance of metadata corruption.

Maybe there is a way to do this that will survive updates, but I'm not aware of it and someone else may be able to clue you in.

I modified quite a lot of files in my install (several of the periodic scripts, UPS configs, ...). I use this "workaround" to make sure the changes survive an upgrade/reinstall:

• I store all the changed files in a directory on the ZFS pool
• I have a shell script that copies the files to the correct locations (directly to /etc, not /conf/base) & restarts services if necessary
• I have that shell script configured to run as a postinit action

Of course, after an upgrade I need to check if the original files changed and merge the changes, but at least I have all my modifications in one directory.
I also did some code changes, but so far all of them were accepted into the official FreeNAS github repo. That way I do not have to worry about reapplying the changes after the upgrade -- they will be included directly in the next release ;).

 

[Yatti420]

It's not a web interface but I used Minirsyslogd in a new jail.. You can find info on minirsyslogd here..