MikroTik Dude as a Syslog server

When it comes to the message logging from different network devices, the most common method is to utilise a Syslog server. This software is designed to acquire different system messages and save them into the file on the local disk.

We recently changed the old server and I faced the problem to install old Syslog server on the new Windows platform. I checked the different solutions and eventually I remember that MikroTik Dude can act as a Syslog server. That was my easy solution for this challenge.

 

Installing the Dude Syslog service

As I’m using the Windows server, I installed MikroTik Dude 4.0 beta3 for Windows. Don’t be confused with this beta in the name. Indeed, this version is very stable.

Bear in mind that you will use Dude here as a Syslog server. It will generate a lot of files very large in size. Hereinafter, you should install it on any disk other than C:.

After installation, I opened the Dude client. We don’t need to configure anything on the map.

I clicked on the button named [ Local Server ] and chose the last option – as service. Then I clicked on [ Ok ].

This will install the Dude server service on your Windows machine. Although you can install it even on the desktop OS (Windows XP and later), I will recommend the server OS.

Be sure to allow its communication through the Windows host firewall, too. Otherwise it will not receive any message.

Congratulations! You have a fully operational Syslog server.

 

Configuring the operational parameters

You can see the Syslog parameters if you click on the button named [ Settings ] and choose tab named Syslog.

All settings are already in place. By default, Dude will start listening on the port 514 UDP and all messages will be written into the Syslog file.

You can fine tune the Syslog files. By default, all messages will be written in the single file. I don’t like that and I always change these settings.

To change the properties of Syslog files, navigate to the option named Logs. In the newly opened right pane locate Syslog and right click on it. From the context menu choose Settings. The new dialog will pop-up.

On the General tab, I always choose the option Start New File and change it to every day. In my experience, this is the best option for the continuous logging system.

The option Files To Keep depends on your needs. I chose 365 as I want to keep all log files for one year.

I rarely need to change this option named Buffered Entries. Of course, you can increase this value in case that you face any problem with the message logging. This is the size of your memory buffer. By default, up to 3000 messages will be kept in this buffer before writing into the file.

When you’re satisfied, click on the button [ Ok ] and let Dude do the rest.

All changes will be applied immediately. No needs to restart the Dude server service. Even better, you don’t need to have opened the Dude client window. Dude will work in the background as any other Windows service.

However, keep an eye on the occupied disk space. Depending on the conditions, those logs can occupy a lot of disk space. How large can be those files? Depends, but I saw the daily log files with a few GB in size. Take this information in your considerations and calculations to prevent the data loss in a crucial moment.

Stay tuned.