GitHub - rybolov/rtr2syslog: Takes Real Time Reporting (RTR) data streams and makes a syslog call.

rybolov / rtr2syslog Public

Notifications You must be signed in to change notification settings
Fork 0
Star 1

Takes Real Time Reporting (RTR) data streams and makes a syslog call.

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 17 Commits
LICENSE		LICENSE
README		README
TODO		TODO
config.php.sample		config.php.sample
functions.php		functions.php
index.php		index.php
logtest.php		logtest.php
post.body.txt		post.body.txt
rtr.example.txt		rtr.example.txt
rtr.post.txt		rtr.post.txt
rtr2syslog.kpf		rtr2syslog.kpf
syslogconfig.txt		syslogconfig.txt

Repository files navigation

rtr2syslog: take Real Time Reporting and write to disk using syslog
Michael Smith rybolov@ryzhe.ath.cx
http://www.guerilla-ciso.com

License is MIT Expat.  See LICENSE.

If you have an RTR line that makes errors, send it to me.
Line elements 5, 11, 12, and 14 have complex regexp and I might have missed some
valid line characters.

To install:
Untar
Configure:
    cp config.php.sample config.php
    vi config.php
For syslog setup:
    Set $syslogident in config.
    Add a line to /etc/syslog.conf or comparable, look in syslogconfig.txt for samples
    

    
Troubleshooting:
Use logtest.php to test php => syslog or php => directlogfile config
Turn on $debugresponse in config.php if you're watching "on the wire"
Turn on $debug in config.php to "error"
Debug log: tail -f <debug.log>
Unfiltered logs: tail -f /var/log/messages
Filtered logs: tail -f </var/log/rtr2syslog.log>