GENWiki

Premier IT Outsourcing and Support Services within the UK

User Tools

Site Tools


computerfaq:accessing_synology_s_syslog

Synology Syslog

Synology don't use the common syslog tools such as rsyslogd but instead push logs to a SQLITE3 database, a number of databases actually and this makes querying these harder, but far more powerful than a series of piped greps. The syslog databases can be found in /var/log/synolog There are a number of different database files and we'll go through each of them because they have different columns and data. We assume you have some basic knowledge of sqlite3 and SQL in general.

Spool up sqlite3 with the command; sqlite3

then open your database of choice with the command

.open .DATABASE_FILE_NAME

.SYNOSYSLOGDB

The single table in the database is called 'logs' and has the structure…

idintegerprimary key
hosttextdefaultNULL
iptextdefaultNULL
factextdefaultNULL
priotextdefaultNULL
lleveltextdefaultNULL
tagtextdefaultNULL
utcsecintdefaultNULL
r_utcsecintdefaultNULL
tzoffsettextdefaultNULL
ldatedatedefaultCURRENT_DATE
ltimetimedefaultCURRENT_TIME
progtextdefaultNULL
msgtextdefaultNULL

.SYNOCONNDB

This is the 'connections' log, so all connections (and rejections) will be logged here. This is a local log so it will only contain records from this NAS box.

The single table in the database is called 'logs' and has the structure…

idintegerprimary key
timeintdefaultNULL
leveltextdefaultNULL
usernametextdefaultNULL
msgtextdefaultNULL
usertextdefaultNULL
uidtextdefaultNULL
iptextdefaultNULL
protocoltextdefaultNULL
tokentextdefaultNULL
useragenttextdefaultNULL

.SYNOSYSDB

This is the system log table, this stores logs of actions on the NAS box such as creating, deleting, renaming users, passwords, shares etc.

The single table in the database is called 'logs' and has the structure…

idintegerprimary key
timeintdefaultNULL
leveltextdefaultNULL
usernametextdefaultNULL
msgtextdefaultNULL

LATER VERSIONS of DSM

In later versions Synology moved from SQLITE3 to POSTGRES and that's a touch harder to access from the command line, but you can if you wish open up ports on the firewall and edit the /etc/postgres conf files to make it accessable on your LAN, but we really don't recommend this. If you do want to access it from the command line you'll need to su to the postgres use first and the main database is in /volume1/@database

/data/webs/external/dokuwiki/data/pages/computerfaq/accessing_synology_s_syslog.txt · Last modified: 2022/05/08 15:41 by genadmin

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki