Remote logging with syslog

[Blonthor]

[TL;DR below]

Hello,

Firstly I would like to say that the Tetra is an amazing piece of equipment and love that it is still being updated. Yesterday I powered up my Tetra again and noticed all the new updates (has probably not been on for a year) and love that it is still very active.

That being said, I would like to talk about active remote logging. My goal is to set up the Pineapple Tetra to listen to beacons/probe requests, send this information (preferable syslog 514) to a logcollector so that I can send the information to a Kibana or Grafana dashboard. I live near a pretty busy street, so i would like to see in graphs how many unique devices walk by my house. 

At the moment I've noticed that only reporting/logging over SMTP is enabled. Unfortunately services like syslogd/syslog-ng have not been integrated in the GUI nor enabled in the shell. I'm able to install one of them through the opkg installer, but before i start adding dependencies over SSH I wanted to check, where can I get the logs from?

I enabled the PineAp, started the logging and after a few minutes started the reporting manually and also enabled log every hour.  I started an SSH session and started to look for the logging. Firstly I found some sessions_xxx files but these did not contain the information I was looking for. Then I just tailed the files in the tmp folder and noticed it contained the information I was looking for:

*Removed MAC intentionally* 

Unfortunately, this file is only updated with a minimum of once per hour. I've yet to find the file that the PineAp configuration is actively adding the logging information. I did find some files that i believe contained the information, but unfortunately this did not seem to be clear text files. 

You might be thinking, why use the Tetra for something like this, a Raspberry would suffice. The reason I want to use the Tetra is because i'm done (at the moment) playing with all it's features and I love the range of it. Since i'm not using it for anything else, I thought using it as a beacon/probe request listener would be better than gathering dust on the shelf.

[TL;DR]

1. Is there a clear text file that the PineAp configuration logs to so you could basically tail -f the file to see new beacons/probe requests without using the one hourly reporting function.

2. Is it safe to install syslog-ng or syslogd over opkg without potentially bricking the Tetra?

[3]. I do not believe there is, but if anybody has a complete setup working with logging to something like ELK stack/Grafana/Kibana, care to share?