ADAMnetworks does not currently support syslog or any other export method, but it’s certainly on our roadmap. In the interim, here’s how you can view additional time-based traffic logs that can go further back than the 10,000 maximum entries provided by the built-in real-time log.
How far back in time the log entries go depends on the:
- size of log file set by user (needs to be limited to the available gateway memory)
- rate of DNS/IP traffic flow on your gateway (entries per minute)
- detail level of logs captured (logging level) set by user
Accessing the adam:ONE manager log file
- In pfSense, activate adam:ONE logging level 4 to capture the domain (DNS) traffic:
Note: If level 5 is selected, IP traffic gets added to the log as well.
Services -> adam:ONE -> under Advanced Options click on the dropdown menu beside Logging Level and select
4-> Save (bottom) -> Apply Changes (top right)
- Determine the amount of memory available to your box:
pfSense dashboard -> Note the “available” memory beside Disk Usage: /
- Set the maximum log file size in Bytes to prevent overloading the gateway memory as determined by step above - leave memory space for other services as well. Example below sets a 1 GiB max. file size:
Services -> adam:ONE -> click on Display Custom Options and enter your maximum file size in bytes in the Custom options field provided. Example, enter
log-max-filesize=1000000000-> Save (bottom) -> Apply Changes (top right)
- Access the adam:ONE log file from a command line interface - located here:
/var/log/adamone/anmgr.log. You can filter or parse the log using Linux commands from the GUI’s command prompt or via an SSH connection to your router. Example below searches the log for the last 100 DNS responses:
pfSense dashboard -> Diagnostics -> Command Prompt -> enter
grep "DNS=" /var/log/adamone/anmgr.log | tail -100
Note: If you access the log via SSH, you can then also us the
tail -f command in order to show it in real-time.