Rsyslog and Live Logs for Linux-based DNS and DHCP Servers in DDI Central

Rsyslog and Live Logs for Linux-based DNS and DHCP Servers in DDI Central

What is Rsyslog?

Rsyslog is an advanced and high-performance logging system used primarily in Linux and Unix-based operating systems that enables administrators to collect and manage system logs efficiently. It is an enhanced version of the traditional syslog system, offering greater flexibility, higher throughput, and extended capabilities such as filtering, structured logging, and remote log forwarding. In DDI Central, Rsyslog can be configured to capture and forward DNS and DHCP servers' system logs for Linux-based servers.

Rsyslog Configuration in DDI Central

Follow the step-by-step instructions below for configuring Rsyslog in DDI Central:

  • Navigate to Settings → Server.
  • Locate the desired Linux-based server from the list.
  • Click on the Actions button next to the server.

  • From the dropdown menu, select Rsyslog. (Note: This option is only available for Linux-based servers.)

  • This will open the Configure Rsyslog window.

  • On the Configure Rsyslog window, enter the IP address of the remote syslog server where logs will be forwarded. Example: 192.168.1.100.
  • Specify the TCP port for transmitting logs securely and reliably. Default: 514 (if applicable).
  • Specify the UDP port for transmitting logs with lower overhead. Default: 514 (if applicable).
  • Choose the type of logs to be forwarded:
    • DNS only — Only DNS-related logs will be sent.
    • DHCP only — Only DHCP-related logs will be sent.
    • Both — Both DNS and DHCP logs will be forwarded.
  • Once all fields are filled, click Save to apply the settings.
  • DDI Central will validate the inputs and enable Rsyslog forwarding based on the provided configurations.

Guidelines:

  • Ensure that the remote syslog server is configured to accept logs on the specified ports.
  • If TCP or UDP ports are left empty, the system will use the default Rsyslog ports.
  • This feature is applicable only to Linux-based servers in DDI Central.

This way, DDI Central facilitates efficient log management for Linux ISC-based DNS and DHCP services.

Live Logs for Linux-based DNS and DHCP Servers

To access live logs for your Linux-based DNS and DHCP servers in DDI Central:

  • Navigate to Settings → Server.
  • Locate the desired Linux-based server from the list.
  • Click on the Actions button next to the server.
  • From the dropdown menu, select Live Logs.

  • The Live Logs window for the chosen server appears, displaying the real-time operations being carried out within the server as shown below.

  • The image above shows a live DHCP log capturing DHCP requests and responses in real time. The log highlights all sorts of DHCP messages like DHCPDISCOVER, DHCPREQUEST, and other messages from clients attempting to obtain IP leases and time-stamped events providing detailed records for analysis.

Why Do You Need Live Logs?

Live logs provide real-time insights into the ongoing operations of your DNS and DHCP servers. They help network administrators monitor, troubleshoot, and optimize server performance.

  • Real-Time Monitoring: View DNS queries, DHCP lease requests, and system events as they happen.
  • Troubleshooting: Detect and diagnose issues such as lease failures, misconfigurations, or network anomalies.
  • Security & Auditing: Identify unauthorized access attempts, rogue DHCP servers, or suspicious DNS lookups.
  • Performance Optimization: Analyze response times, server load, and request patterns to fine-tune server configurations.

What Can You Do with Live Logs?

  • Monitor DHCP lease assignments (e.g., DHCPDISCOVER, DHCPREQUEST, DHCPACK) and ensure IP allocation is functioning correctly.
  • Track DNS queries and responses to diagnose resolution failures or latency issues.
  • Identify network-wide connectivity problems by observing failed requests or excessive lease denials.
  • Detect rogue devices attempting to acquire unauthorized leases.
  • Use filtering and log analysis to refine configurations and improve system reliability.

Live logs are an essential tool for effective network management in DDI Central. By leveraging real-time insights, administrators can proactively resolve issues, enhance security, and optimize server performance for Linux-based DNS and DHCP services.

+-
Back to Top