04-17-2020 09:03 AM
Good morning
I have a Cisco SPA112, latest firmware 1.4.1 (SR5), configured to send logs to Papertrail but it seems to only be trying to send the logs to itself?! Why isn't it using the IP address I configured?
This is the message I see regularly when I look at the logs locally:
Apr 17 11:23:33 ata1 syslog.err syslog-ng[2738]: Error connecting to remote host AF_INET(127.0.0.1:21487), reattempting in 60 second
But for the Syslog Server, in Administration > Log > Log Setting I have the Papertrail server configured.
What do I have to do to get it to send logs to the configured IP address? It seems to have picked-up the port but not the IP address?!
Thanks
Solved! Go to Solution.
04-17-2020 08:15 PM
I'm unsire what's the goalI configured an IP address to send the logs to but the SPA112 is sending them to itself instead. I think that's a bug but maybe I missed something?
I got the question. I didn't got the goal because SPA112 kernel messages seems to be good for nothing. I'm technician of several large SPAxxx based VoIP networks but I never missed those messages. Note I'm speaking about kernel syslog messages only. Voice Application messages are valuable source information.
OK. To answer your question - it seems you hit a bug. According my experience with Cisco support and because of little or no value of those messages, I guess it will not be patched in reasonable future. Use email if you really wish to see them.
how do I specify the port in that configuration? And to use TLS?
Voice Application of SPA112 supports standard syslog (RFC3164) - e.g UDP to port 514. It supports logging non-standard use of TCP protocol and use of non-standard target port as well (use a.b.c.d:port to configure it). Other non-standard transport protocols like TLS are not supported. But you can arrange a local syslog forwarder with support for whatever transport protocol you wish.
04-17-2020 02:47 PM
I'm unsire what's the goal, but you may be interested to know the SPA112 produces two kinds of syslog messages. The configuration you mentioned is related to syslog messages fired by system kernel. Those messages will not help you to solve issues related to SIP events and operations. May be you are interested to capture messages generated by Voice APplication running on SPA112 instead.
See
Debug and syslog Messages from SPA1x2 and SPA232D ATA
for more.
04-17-2020 05:17 PM
Good evening
@Dan Lukes wrote:I'm unsire what's the goal
I configured an IP address to send the logs to but the SPA112 is sending them to itself instead. I think that's a bug but maybe I missed something?
@Dan Lukes wrote:May be you are interested to capture messages generated by Voice APplication running on SPA112 instead.
See
Debug and syslog Messages from SPA1x2 and SPA232D ATA
for more.
Yes, I saw that and followed the steps, but how do I specify the port in that configuration? And to use TLS?
Thanks
04-17-2020 08:15 PM
I'm unsire what's the goalI configured an IP address to send the logs to but the SPA112 is sending them to itself instead. I think that's a bug but maybe I missed something?
I got the question. I didn't got the goal because SPA112 kernel messages seems to be good for nothing. I'm technician of several large SPAxxx based VoIP networks but I never missed those messages. Note I'm speaking about kernel syslog messages only. Voice Application messages are valuable source information.
OK. To answer your question - it seems you hit a bug. According my experience with Cisco support and because of little or no value of those messages, I guess it will not be patched in reasonable future. Use email if you really wish to see them.
how do I specify the port in that configuration? And to use TLS?
Voice Application of SPA112 supports standard syslog (RFC3164) - e.g UDP to port 514. It supports logging non-standard use of TCP protocol and use of non-standard target port as well (use a.b.c.d:port to configure it). Other non-standard transport protocols like TLS are not supported. But you can arrange a local syslog forwarder with support for whatever transport protocol you wish.
04-18-2020 05:41 AM
04-18-2020 09:43 AM
I configured the syslog and Debug on Voice > System > Miscellaneous. There is a dropdown that allows me to select TLS
Oh, new feature I has not been aware of. Sorry.
but it doens't work - I suspect because everyone is getting very picky about valid certificates these days.
I thing so.Syslog server certificate is not issued by CA considered trusted. Use Custom CA Rule to import CA certificate into list of trusted CAs.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide