Jump to content

Remote logging with syslog


Blonthor

Recommended Posts

[TL;DR below]

Hello,

Firstly I would like to say that the Tetra is an amazing piece of equipment and love that it is still being updated. Yesterday I powered up my Tetra again and noticed all the new updates (has probably not been on for a year) and love that it is still very active.

That being said, I would like to talk about active remote logging. My goal is to set up the Pineapple Tetra to listen to beacons/probe requests, send this information (preferable syslog 514) to a logcollector so that I can send the information to a Kibana or Grafana dashboard. I live near a pretty busy street, so i would like to see in graphs how many unique devices walk by my house. 

At the moment I've noticed that only reporting/logging over SMTP is enabled. Unfortunately services like syslogd/syslog-ng have not been integrated in the GUI nor enabled in the shell. I'm able to install one of them through the opkg installer, but before i start adding dependencies over SSH I wanted to check, where can I get the logs from?

I enabled the PineAp, started the logging and after a few minutes started the reporting manually and also enabled log every hour.  I started an SSH session and started to look for the logging. Firstly I found some sessions_xxx files but these did not contain the information I was looking for. Then I just tailed the files in the tmp folder and noticed it contained the information I was looking for:

photo-2019-01-17-11-26-34.jpg
*Removed MAC intentionally* 

Unfortunately, this file is only updated with a minimum of once per hour. I've yet to find the file that the PineAp configuration is actively adding the logging information. I did find some files that i believe contained the information, but unfortunately this did not seem to be clear text files. 

You might be thinking, why use the Tetra for something like this, a Raspberry would suffice. The reason I want to use the Tetra is because i'm done (at the moment) playing with all it's features and I love the range of it. Since i'm not using it for anything else, I thought using it as a beacon/probe request listener would be better than gathering dust on the shelf.

[TL;DR]

1. Is there a clear text file that the PineAp configuration logs to so you could basically tail -f the file to see new beacons/probe requests without using the one hourly reporting function.

2. Is it safe to install syslog-ng or syslogd over opkg without potentially bricking the Tetra?

[3]. I do not believe there is, but if anybody has a complete setup working with logging to something like ELK stack/Grafana/Kibana, care to share?

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...