2020-07-15 10:22:55 +00:00
|
|
|
|
Forward log messages via notification
|
|
|
|
|
=====================================
|
|
|
|
|
|
2023-01-10 13:45:27 +00:00
|
|
|
|
[⬅️ Go back to main README](../README.md)
|
2020-07-15 10:22:55 +00:00
|
|
|
|
|
2022-02-12 12:05:56 +00:00
|
|
|
|
> ℹ️ **Info**: This script can not be used on its own but requires the base
|
2022-02-11 22:34:39 +00:00
|
|
|
|
> installation. See [main README](../README.md) for details.
|
2021-05-03 13:07:50 +00:00
|
|
|
|
|
2020-07-15 10:22:55 +00:00
|
|
|
|
Description
|
|
|
|
|
-----------
|
|
|
|
|
|
2023-01-18 10:51:16 +00:00
|
|
|
|
RouterOS itself supports sending log messages via e-mail or to a syslog
|
|
|
|
|
server (see `/system/logging`). This has some limitation, however:
|
2020-07-15 10:22:55 +00:00
|
|
|
|
|
|
|
|
|
* does not work early after boot if network connectivity is not
|
2023-01-18 10:51:16 +00:00
|
|
|
|
yet established, or breaks intermittently
|
2020-07-15 10:22:55 +00:00
|
|
|
|
* lots of messages generate a flood of mails
|
2021-06-09 12:36:49 +00:00
|
|
|
|
* Matrix and Telegram are not supported
|
2020-07-15 10:22:55 +00:00
|
|
|
|
|
2023-01-18 10:51:16 +00:00
|
|
|
|
The script works around the limitations, for example it does:
|
|
|
|
|
|
|
|
|
|
* read from `/log`, including messages from early boot
|
|
|
|
|
* skip multi-repeated messages
|
|
|
|
|
* rate-limit itself to mitigate flooding
|
|
|
|
|
* forward via notification (which includes *e-mail*, *Matrix* and *Telegram*
|
|
|
|
|
when installed and configured, see below)
|
|
|
|
|
|
|
|
|
|
It is intended to be run periodically from scheduler, then collects new
|
|
|
|
|
log messages and forwards them via notification.
|
2020-07-15 10:22:55 +00:00
|
|
|
|
|
2021-06-17 13:23:51 +00:00
|
|
|
|
### Sample notification
|
|
|
|
|
|
2022-10-20 08:51:16 +00:00
|
|
|
|
![log-forward notification](log-forward.d/notification.avif)
|
2021-06-17 13:23:51 +00:00
|
|
|
|
|
2020-07-15 10:22:55 +00:00
|
|
|
|
Requirements and installation
|
|
|
|
|
-----------------------------
|
|
|
|
|
|
|
|
|
|
Just install the script:
|
|
|
|
|
|
|
|
|
|
$ScriptInstallUpdate log-forward;
|
|
|
|
|
|
|
|
|
|
... and add a scheduler:
|
|
|
|
|
|
2022-05-11 08:10:34 +00:00
|
|
|
|
/system/scheduler/add interval=1m name=log-forward on-event="/system/script/run log-forward;" start-time=startup;
|
2020-07-15 10:22:55 +00:00
|
|
|
|
|
|
|
|
|
Configuration
|
|
|
|
|
-------------
|
|
|
|
|
|
2020-09-25 20:21:59 +00:00
|
|
|
|
The configuration goes to `global-config-overlay`, these are the parameters:
|
2020-07-15 10:22:55 +00:00
|
|
|
|
|
|
|
|
|
* `LogForwardFilter`: define topics *not* to be forwarded
|
2020-09-25 20:21:59 +00:00
|
|
|
|
* `LogForwardFilterMessage`: define message text *not* to be forwarded
|
2021-06-09 12:32:52 +00:00
|
|
|
|
* `LogForwardInclude`: define topics to be forwarded (even if filter matches)
|
|
|
|
|
* `LogForwardIncludeMessage`: define message text to be forwarded (even if
|
|
|
|
|
filter matches)
|
2020-07-15 10:22:55 +00:00
|
|
|
|
|
2023-01-18 10:51:16 +00:00
|
|
|
|
These patterns are matched as
|
|
|
|
|
[regular expressions](https://wiki.mikrotik.com/wiki/Manual:Regular_Expressions).
|
|
|
|
|
To forward **all** (ignoring severity) log messages with topics `account`
|
|
|
|
|
(which includes user logins) and `dhcp` you need something like:
|
|
|
|
|
|
|
|
|
|
:global LogForwardInclude "(account|dhcp)";
|
|
|
|
|
|
2022-09-23 13:07:30 +00:00
|
|
|
|
Also notification settings are required for
|
|
|
|
|
[e-mail](mod/notification-email.md),
|
2021-11-16 15:03:25 +00:00
|
|
|
|
[matrix](mod/notification-matrix.md) and/or
|
2022-02-22 21:41:59 +00:00
|
|
|
|
[telegram](mod/notification-telegram.md).
|
2020-07-15 10:22:55 +00:00
|
|
|
|
|
2023-01-19 23:34:27 +00:00
|
|
|
|
Tips & Tricks
|
|
|
|
|
-------------
|
|
|
|
|
|
|
|
|
|
### Notification on reboot
|
|
|
|
|
|
|
|
|
|
You want to receive a notification on every device (re-)boot? Quite easy,
|
|
|
|
|
just add:
|
|
|
|
|
|
|
|
|
|
:global LogForwardIncludeMessage "(^router rebooted)";
|
|
|
|
|
|
|
|
|
|
This will match on every log message beginning with `router rebooted`.
|
|
|
|
|
|
2020-07-15 10:22:55 +00:00
|
|
|
|
---
|
2023-01-10 13:45:27 +00:00
|
|
|
|
[⬅️ Go back to main README](../README.md)
|
|
|
|
|
[⬆️ Go back to top](#top)
|