To do this, I edited /etc/syslog.conf on the Slug, setting DESTINATION to "remote" and pointing REMOTE at the HA server.
DESTINATION="remote" # log destinations (buffer file remote)
MARKINT=60 # interval between --mark-- entries [min]
REDUCE=no # reduced-size logging
BUFFERSIZE=64 # buffer: size of circular buffer [kByte]
LOGFILE= # file: where to log
REMOTE=aaa.bbb.ccc.ddd:514 # remote: where to log
FOREGROUND=no # run in foreground (don't use!)
In /etc/lighttpd.conf, I set up some conditionals for access logging:
# Skip logging for paths ending in .css or .js (both alternatives anchored at the end)
$HTTP["url"] !~ "\.(css|js)$" {
    $HTTP["remoteip"] != "aaa.bbb.ccc.0/24" {
        accesslog.use-syslog = "enable"
    }
}
Anything other than .css and .js files viewed from anywhere but my LAN will get logged. Cool.
Finally, I played around with a few free syslog servers. None of them did what I wanted, so I wrote my own in Perl. It's very simple so far and not very efficient with the logfile handling, but it works for now:
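use strict;
use warnings;
use IO::Socket;

# Minimal UDP syslog receiver. Binding to port 514 needs root privileges.
my $port = 514;
my $socket = IO::Socket::INET->new(
    Proto     => 'udp',
    LocalPort => $port,
);
die "Could not create socket: $!\n" unless $socket;
print "syslog server\n";
while (defined($socket)) {
    my $msg;
    # One datagram per syslog message; skip it if the receive fails.
    next unless defined recv($socket, $msg, 1500, 0);
    my @msg = split(' ', $msg);
    # Only lines with at least 12 fields (the access-log entries) are echoed.
    if (defined $msg[11] && $msg[11] ne "") {
        print "$msg[1] $msg[2] $msg[3] $msg[4] $msg[7] $msg[11]\n";
    }
    # Append the raw message; the file is reopened for every datagram.
    open(my $log, '>>', './syslog.txt') or die "Could not open syslog.txt: $!\n";
    print $log "$msg\n";
    close($log);
}
close($socket);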
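
The receiver above appends whatever arrives on UDP port 514 to syslog.txt. As an added example (not part of the original post), the routine below checks the sender and the priority header and escapes control characters before a datagram is logged. The sender address 192.0.2.10, the function name parse_datagram and the sample datagrams are assumptions made for the example.

```perl
#!/usr/bin/perl
# Added example (not the post's code): validate and sanitize one syslog
# datagram before it is written to disk. All sample data is constructed.
use strict;
use warnings;

# Assumption: only the Slug is expected to send logs (placeholder address).
my %allowed_senders = ('192.0.2.10' => 1);

# Returns a hashref (facility, severity, text), or nothing if the datagram
# should be dropped. $peer_ip is the source address of the datagram.
sub parse_datagram {
    my ($raw, $peer_ip) = @_;
    return unless $allowed_senders{$peer_ip};
    # BSD syslog messages start with a priority field such as "<30>".
    my ($pri, $text) = $raw =~ /\A<(\d{1,3})>(.*)\z/s or return;
    return if $pri > 191;                  # highest valid value: 23 * 8 + 7
    # Escape control characters (CR/LF included) so that one datagram can
    # never become more than one line in the log file.
    $text =~ s/([\x00-\x1f\x7f])/sprintf('\\x%02x', ord $1)/ge;
    return {
        facility => $pri >> 3,             # priority = facility * 8 + severity
        severity => $pri & 7,
        text     => $text,
    };
}

# Constructed samples: a normal line, an embedded second entry, an unknown sender.
my @samples = (
    ['<30>lighttpd[812]: 198.51.100.7 GET /index.html 200', '192.0.2.10'],
    ["<30>ok\n<34>sshd[1]: forged second entry",            '192.0.2.10'],
    ['<30>anything',                                        '203.0.113.5'],
);
for my $s (@samples) {
    my $m = parse_datagram(@$s);
    print $m ? "fac=$m->{facility} sev=$m->{severity} $m->{text}\n"
             : "dropped datagram from $s->[1]\n";
}
```

In the receive loop, the sender address comes from the return value of recv, unpacked with sockaddr_in and inet_ntoa from the Socket module.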
