Hello all,
I'm still chasing why my APU2C2 resets randomly (see https://forum.opnsense.org/index.php?topic=16351.0), hence at some point I set up remote logging. Very simple: one rule which forwards EVERYTHING to the loghost.
The problem is: NOTHING gets logged until syslog-ng starts, e.g. boot dmesg.
Here's a log snippet, today morning I restarted my router manually (tune something in the BIOS):
2020-04-11T10:14:29+00:00 auth.info sshd[31201]: Received signal 15; terminating.
2020-04-11T10:18:45+00:00 syslog.notice syslog-ng[91955]: syslog-ng starting up; version='3.25.1'
I don't think that's the right way to do remote logging.
Did I set up something incorrectly or is this feature simply missing form OPNsense?
Well, even after upgrading to 20.1.6 it is still an issue.
Basically nothing gets logged remotely until syslog-ng starts up. I understand it from a technical point of view, but it's still not fortunate for a device/OS which has to do anything with security.
Are there any plans for 20.7 (or later release) to rework the logging subsystem?