To set up remote syslog logging for all things on a MikroTik router using the command line, you need to follow these steps:

Understanding the Configuration Parameters

• name="remote" target=remote remote=172.16.128.55: This specifies that the name of the remote server is "remote", and its IP address is 172.16.128.55.
• remote-port=514: The port number for syslog messages to be sent to, which is typically used by default.
• src-address=0.0.0.0: Specifies the source IP address from which syslog messages are sent; 0.0.0.0 means any interface can be used.
• remote-log-format=default: The format of the log message, with "default" being the standard MikroTik format.
• remote-protocol=udp: Specifies that UDP is to be used for sending syslog messages.
• syslog-time-format=bsd-syslog: Sets the time format in the syslog message header.
• syslog-facility=daemon: The facility (or category) of log messages, which can include daemon, auth, etc.
• syslog-severity=auto: Allows setting severity levels automatically based on events.

Setting Up Remote Syslog Logging

1. Login to your MikroTik Router

• Use PuTTY or any other SSH client to connect to the router via its IP address and username/password credentials.

1. Navigate to System > Logging > Syslog Servers

1. Add a New Syslog Server Entry:

• Enter name="remote" in the "Name" field.
• Set target=remote as this is your alias for the server configuration.
• Input 172.16.128.55 under "Address".
• Set port=514 to specify the UDP port.

   /system logging server remote add name="remote" address=172.16.128.55 port=514

1. Configure the Logging Settings:

1. Set Up Logging Format and Parameters (optional but recommended for customisation):

   /system logging server remote set name="remote" format=default port=514 src-address=0.0.0.0 protocol=udp syslog-time-format=bsd-syslog syslog-facility=daemon syslog-severity=auto vrf=main

• Adjust the log format, source IP address, protocol, time format, facility, severity levels as per your requirements.

1. Verify the Configuration:

   /system logging server remote print name="remote"

• Run :print after each command to ensure they were applied correctly.

This will show you all parameters for your configured syslog server.

1. Test the Setup:

• Generate some logs on the MikroTik router and check if they are being received by the remote syslog server (172.16.128.55).

Troubleshooting Tips

• Check firewall rules to ensure UDP port 514 is open between your MikroTik router and the remote syslog server.
• Verify that the remote syslog server is configured correctly to accept incoming logs from the specified IP address or any interface.
• Use :print on both the router and the remote server side to monitor log flow.

By following these steps, you should be able to successfully set up remote syslog logging for all events on your MikroTik router.