A.8. Logging (syslog)

It is recommended that you log your m0n0wall to a remote syslog server for diagnostics and forensic purposes. There are a number of free tools receive and store syslog messages for you on Windows, Mac, and Unix based systems. These software packages also offer additional features such as automatically sending pages, emails or SMS messages as well as running software or commands based on the messages that are received.

Tip

Log messages include a timestamp of when the event ocurred. The system time on the firewall is synchronized to an NTP (Network Time Protocol) server. You can change the NTP server and related parameters in the General Setup screen.

Unix-based tools

The syslog daemon built into virtually every Unix-like system can be configured to accept log messages from remote hosts. Check documentation specific to your OS on how to configure syslogd to accept messages from remote hosts.

Other Unix Tools

syslog-ng

nsyslog

Windows-based tools

There are several free and commercial tools available on Windows to enable your system to accept syslog messages from hosts on your network.

Kiwi Syslog

One of my favorites on Windows is Kiwi Syslog. There is a version with "basic" features that is free, and a more advanced version with $49 registration. Even if you are just looking for a free tool, the basic version has as many if not more features than any other free package on this list. http://www.kiwi-enterprises.com/

3Com offers a couple of free utilities on this page. 3CSyslog is a GUI tool best used on a temporary or as-needed basis only. To collect logs using a service that will be running at all times, whether or not anyone is logged into the machine, try wsyslogd.

Several more for Windows and a couple for Mac listed on this site.