D-Link Forums

The Graveyard - Products No Longer Supported => Routers / COVR => DIR-825 => Topic started by: fallen on July 19, 2009, 10:17:58 AM

Title: Syslogging Question for DIR-825
Post by: fallen on July 19, 2009, 10:17:58 AM

I currently have the A1 version of the DIR-825 running 1.00 of the firmware and it appears to be running without problems.

It has the ability to send the log file to a Syslog server and I've enabled that feature (got freeware called Syslog Watcher from http://www.snmpsoft.com - the personal version) so it sends its log file to Syslog Watcher.  I noticed the log file only seems to contain SPI blocks, along with System and Router Status info.  Why doesn't it also send the "Internet Session" detail to the Syslog server or incorporate it into the Log file for transfer to the Syslog server?

Before using this router I utilized a Linksys router and had it send all of the details to Link Logger software, including what D-Link calls "Internet Session" so I could analyze the data (such as which PC initiated a session, what its port usage was, which direction the packet was going - In or Out - etc.).  Is there any way to send the Internet Session transactions to my Syslog server?

If that is not possible, how would I request it as an enhancement?

Thanks!

Title: Re: Syslogging Question for DIR-825
Post by: onebyside on July 21, 2009, 04:48:04 PM

not sure if the 825 is like my 655, but I had to setup "access control" to send the info to syslog

I have used wallwatcher for awhile for logging

http://www.wallwatcher1.com/

Title: Re: Syslogging Question for DIR-825
Post by: fallen on July 21, 2009, 08:12:11 PM

Thanks for your reply, but I don't think Access Control has anything to do with transferring all router transactions to a syslog server.  According to the DIR-825 Help info:

"The Access Control section allows you to control access in and out of devices on your network. Use this feature as Parental Controls to only grant access to approved sites, limit web access based on time or dates, and/or block access from applications such as peer-to-peer utilities or games."  There is no mention of syslogging, which is an established procedure of capturing/consolidating log files.

Just to be sure, I enabled Access Control & implemented a website policy to see what would happen.  It does record a transaction in the log, but not like those in the Internet Session (showing date/time, source & destination IP addresses, the protocol - TCP or UDP -, and the direction of transaction - IN or OUT).  Here is what it transferred to the Syslog when I accessed Yahoo:

"Web site www.yahoo.com/ accessed from 192.168.0.xxx", where xxx = my 4th IP octet


Thanks again for a possible solution I hadn't even thought of!