OpenVPN Community Edition (Using SNMP and Syslog)

This forum is for general conversation and user-user networking.
Post Reply
macaujohn2000
OpenVPN User
Posts: 19
Joined: Thu May 31, 2012 2:22 am

OpenVPN Community Edition (Using SNMP and Syslog)

Post by macaujohn2000 » Fri Jun 15, 2012 12:29 am

Dear all,

I am using OpenVPN Community Edition, I have PRTG and Syslog Server, how can I set OpenVPN logging to syslog server and SNMP to PRGT server?

Thanks!

User avatar
janjust
Forum Team
Posts: 2703
Joined: Fri Aug 20, 2010 2:57 pm
Location: Amsterdam
Contact:

Re: OpenVPN Community Edition (Using SNMP and Syslog)

Post by janjust » Fri Jun 15, 2012 7:21 pm

For syslog logging, add

Code: Select all

syslog  [name]
to the server config ; SNMP is not built into OpenVPN, so you cannot configure anything there. Perhaps there are some snmp traps written by others that you might find useful.

macaujohn2000
OpenVPN User
Posts: 19
Joined: Thu May 31, 2012 2:22 am

Re: OpenVPN Community Edition (Using SNMP and Syslog)

Post by macaujohn2000 » Sat Jun 16, 2012 9:50 am

Is this log /etc/openvpn/openvpn.log and /var/log/message? will merge together?

User avatar
janjust
Forum Team
Posts: 2703
Joined: Fri Aug 20, 2010 2:57 pm
Location: Amsterdam
Contact:

Re: OpenVPN Community Edition (Using SNMP and Syslog)

Post by janjust » Sat Jun 16, 2012 2:50 pm

from reading the sources it looks that if you specify both

Code: Select all

log /etc/openvpn/openvpn.log
syslog openvpn
then openvpn will log output to both files. I did not test this, however.

macaujohn2000
OpenVPN User
Posts: 19
Joined: Thu May 31, 2012 2:22 am

Re: OpenVPN Community Edition (Using SNMP and Syslog)

Post by macaujohn2000 » Sat Jun 16, 2012 3:45 pm

As centos is to use rsyslog, how could I use? is it just add "rsyslog openvpn" in server.conf?

User avatar
janjust
Forum Team
Posts: 2703
Joined: Fri Aug 20, 2010 2:57 pm
Location: Amsterdam
Contact:

Re: OpenVPN Community Edition (Using SNMP and Syslog)

Post by janjust » Sat Jun 16, 2012 10:21 pm

no just add

Code: Select all

syslog
(with an optional logging name) , as explained in the manual page. It does not matter if your OS uses syslog or rsyslog, this is an openvpn configuration option.

macaujohn2000
OpenVPN User
Posts: 19
Joined: Thu May 31, 2012 2:22 am

Re: OpenVPN Community Edition (Using SNMP and Syslog)

Post by macaujohn2000 » Sun Jun 17, 2012 2:26 am

--daemon [progname]
Become a daemon after all initialization functions are completed. This option will cause all message and error output to be sent to the syslog file (such as /var/log/messages), except for the output of shell scripts and ifconfig commands, which will go to /dev/null unless otherwise redirected. The syslog redirection occurs immediately at the point that --daemon is parsed on the command line even though the daemonization point occurs later. If one of the --log options is present, it will supercede syslog redirection.
The optional progname parameter will cause OpenVPN to report its program name to the system logger as progname. This can be useful in linking OpenVPN messages in the syslog file with specific tunnels. When unspecified, progname defaults to "openvpn".

When OpenVPN is run with the --daemon option, it will try to delay daemonization until the majority of initialization functions which are capable of generating fatal errors are complete. This means that initialization scripts can test the return status of the openvpn command for a fairly reliable indication of whether the command has correctly initialized and entered the packet forwarding event loop.

In OpenVPN, the vast majority of errors which occur after initialization are non-fatal.

--syslog [progname]
Direct log output to system logger, but do not become a daemon. See --daemon directive above for description of progname parameter.

1. Is this means when i do not set 'log' or 'log-append', 'daemon openvpn' will make /var/log/messages that including all openvpn messages?
2. if i also sets 'syslog openvpn', it will no longer preserve any local messages in server? it only redirect to server?

User avatar
janjust
Forum Team
Posts: 2703
Joined: Fri Aug 20, 2010 2:57 pm
Location: Amsterdam
Contact:

Re: OpenVPN Community Edition (Using SNMP and Syslog)

Post by janjust » Sun Jun 17, 2012 8:31 pm

1. Is this means when i do not set 'log' or 'log-append', 'daemon openvpn' will make /var/log/messages that including all openvpn messages?
yes
2. if i also sets 'syslog openvpn', it will no longer preserve any local messages in server? it only redirect to server?
if you use 'deamon' then you don't need to set 'syslog' anymore.

macaujohn2000
OpenVPN User
Posts: 19
Joined: Thu May 31, 2012 2:22 am

Re: OpenVPN Community Edition (Using SNMP and Syslog)

Post by macaujohn2000 » Mon Jun 18, 2012 12:37 am

Why? because I want to keep local messages log and also redirect to syslog server, could you help to fix this problem?

User avatar
janjust
Forum Team
Posts: 2703
Joined: Fri Aug 20, 2010 2:57 pm
Location: Amsterdam
Contact:

Re: OpenVPN Community Edition (Using SNMP and Syslog)

Post by janjust » Mon Jun 18, 2012 8:11 am

that's a syslog setting - when you use 'syslog' or 'daemon' openvpn will send all output to the syslog daemon running on the local host; how that hosts stores messages locally and/or forwards them to a central host is a syslog/rsyslog setting and is outside the scope of this forum.

Post Reply