Jump to content

Search the Community

Showing results for tags 'syslog'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Talk
    • Everything Else
    • Gaming
    • Questions
    • Business and Enterprise IT
    • Security
    • Hacks & Mods
    • Applications & Coding
    • Trading Post
  • Hak5 Gear
    • Hak5 Cloud C²
    • WiFi Pineapple Mark VII
    • USB Rubber Ducky
    • Bash Bunny
    • Key Croc
    • Packet Squirrel
    • Shark Jack
    • Signal Owl
    • LAN Turtle
    • Screen Crab
    • Plunder Bug
  • O.MG (Mischief Gadgets)
    • O.MG Cable
    • O.MG DemonSeed EDU
  • WiFi Pineapple (previous generations)
    • WiFi Pineapple TETRA
    • WiFi Pineapple NANO
    • WiFi Pineapple Mark V
    • WiFi Pineapple Mark IV
    • Pineapple Modules
    • WiFi Pineapples Mark I, II, III
  • Hak5 Shows
  • Community
    • Forums and Wiki
    • #Hak5
  • Projects
    • SDR - Software Defined Radio
    • Community Projects
    • Interceptor
    • USB Hacks
    • USB Multipass
    • Pandora Timeshifting

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests


Enter a five letter word.

Found 5 results

  1. Hi I currently use syslog for my network devices. I was wondering if would be possible to run software on RPi4 to analyse the syslog , to detect attacks and suspicious activity? Even better if it has a graphical interface 🤔
  2. [TL;DR below] Hello, Firstly I would like to say that the Tetra is an amazing piece of equipment and love that it is still being updated. Yesterday I powered up my Tetra again and noticed all the new updates (has probably not been on for a year) and love that it is still very active. That being said, I would like to talk about active remote logging. My goal is to set up the Pineapple Tetra to listen to beacons/probe requests, send this information (preferable syslog 514) to a logcollector so that I can send the information to a Kibana or Grafana dashboard. I live near a pretty busy street, so i would like to see in graphs how many unique devices walk by my house. At the moment I've noticed that only reporting/logging over SMTP is enabled. Unfortunately services like syslogd/syslog-ng have not been integrated in the GUI nor enabled in the shell. I'm able to install one of them through the opkg installer, but before i start adding dependencies over SSH I wanted to check, where can I get the logs from? I enabled the PineAp, started the logging and after a few minutes started the reporting manually and also enabled log every hour. I started an SSH session and started to look for the logging. Firstly I found some sessions_xxx files but these did not contain the information I was looking for. Then I just tailed the files in the tmp folder and noticed it contained the information I was looking for: *Removed MAC intentionally* Unfortunately, this file is only updated with a minimum of once per hour. I've yet to find the file that the PineAp configuration is actively adding the logging information. I did find some files that i believe contained the information, but unfortunately this did not seem to be clear text files. You might be thinking, why use the Tetra for something like this, a Raspberry would suffice. The reason I want to use the Tetra is because i'm done (at the moment) playing with all it's features and I love the range of it. Since i'm not using it for anything else, I thought using it as a beacon/probe request listener would be better than gathering dust on the shelf. [TL;DR] 1. Is there a clear text file that the PineAp configuration logs to so you could basically tail -f the file to see new beacons/probe requests without using the one hourly reporting function. 2. Is it safe to install syslog-ng or syslogd over opkg without potentially bricking the Tetra? [3]. I do not believe there is, but if anybody has a complete setup working with logging to something like ELK stack/Grafana/Kibana, care to share?
  3. I'm still running in the payload timeout after 1 Minute. So I did some investigation about it. I made the attached payload.txt for testing. I put the command logger "#### Start Test payload #### at the beginning of the payload and logger "#### End Test payload ####" at the end. So I can examine the syslog what happens during ten payload run. After approx. 1:30 min bunny.service is running into a timeout ......... Apr 6 09:56:52 bunny logger: #### Loop Test payload #### Apr 6 09:56:54 bunny logger: #### Loop Test payload #### Apr 6 09:56:56 bunny logger: #### Loop Test payload #### Apr 6 09:56:58 bunny systemd[1]: bunny.service start operation timed out. Terminating. Apr 6 09:56:58 bunny systemd[1]: Failed to start bunny.service. Apr 6 09:56:58 bunny systemd[1]: Unit bunny.service entered failed state. Apr 6 09:56:58 bunny systemd[1]: Starting Multi-User System. Apr 6 09:56:58 bunny systemd[1]: Reached target Multi-User System. Apr 6 09:56:59 bunny systemd[1]: Startup finished in 2.366s (kernel) + 1min 34.343s (userspace) = 1min 36.710s. The result of the command systemctl show bunny.service |grep Timeout is TimeoutStartUSec=1min 30s TimeoutStopUSec=1min 30s JobTimeoutUSec=0 Guess this is the reason for the payload timeout. Can anybody confirm this? I willl do more investigations syslog payload.txt ______________________________________________________________________________________________________________________ OK got it..... I insert the value TimeoutSec=5min under the [Service] section of file /lib/systemd/system/bunny.service Now it works with a timeout of 5 min. (see attached syslog.solved_5min_Timeout) Be carefully, I'm not responsible for any damage of the bunny :-) @Darren Kitchen @Sebkinne If you agree (because its part of Firmware) I can make a payload who will patch this. syslog.solved_5min_Timeout
  4. Hi! Tried to find something useful, but no luck. I want to send syslog messages to central server. I have openvpn working from command line. So I would need 2 things: 1. Where to configure persistent, that syslog messages will be sent to central syslog server. I need this so ship some logs to logstash server. I didn't find anything useful except syslog. 2. I want so openpvn start with my configuration. Its not started at the moment. It is installed on SD card. Any tips, hints? Thanks. MIlan
  5. My pineapple crashes and reboots a lot. I'd like to figure out why. Common sense tells me to begin by sifting through something like a system log that might detail the events that led to each crash. The trouble is, when I look at the log available through the web interface after a crash, the first entry only begins 0:38 seconds after the reboot. No events are listed prior to it: Jan 1 01:00:38 Pineapple kern.info kernel: [ 30.720000] cfg80211: (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp) This makes it difficult to determine what precipitated the uncommanded reboot. How and where do I find log files that would detail events that are occurring prior to the uncommanded reboots? If the answer involves the Log Check infusion or the "custom tail" option, perhaps someone could steer me toward resources that might help in understanding how to use it? I really don't know where to begin.
×
×
  • Create New...