The bad news is that the stock WRT54G* router can't export a log. The good news is there is third party firmware that will enable exporting logs from your WRT54G and WRT54GS routers. Here are instructions on how to install HyperWRT firmware. You must do this before the router will export a log that we can process.
After you have done this, then download and install the Kiwi Syslog Daemon (if needed.) If you run Windows NT/2K/XP, you should get the "Services" version of Kiwi.
When you start Kiwi Syslog Daemon you will see
If you installed the "Services" version of Kiwi, then you need to install the service. Choose Manage -> 'Install the Syslogd Service' Then Manage -> Start the Syslogd service This is a one time only operation. From here on out, Windows will start the syslogd service when it boots up.
Select File -> Setup.
Double click on the line that has Log to file.
This screen defines where Kiwi will write the log file that CVTWIN processes. Note the contents of the Path and file name of log file field. This is what you enter in CVTWIN's log file field.
The default is C:\Program Files\SyslogD\Logs\SyslogCatchAll.txt
Also make sure that Log file format is Kiwi format ISO yyyy-mm-dd (Tab delimited), so that CVTWIN doesn't get snarled up trying to decipher a different log format.
Click on OK when done. Then click on Log Archiving
This shows if any archiving is scheduled. Not scheduling archiving is good, because otherwise you'll have to juggle Kiwi's archiving and running CVTWIN, because you don't want Kiwi to archive logs before CVTWIN has a chance to process them. Read the Kiwi docs on archiving and figure this out yourself. I just wanted to point out the potential confilct.
The router will be exporting the logs using the 'Syslog' protocol. So enable this in Kiwi.
Inputs TCP:
Inputs UDP:
When Kiwi (and your router) are configured to work together, you should start seeing logs appear in the Kiwi screen.
Kiwi should now be configured to save logs in a format that CVTWIN can process. Choose Kiwi Syslog Daemon (Linksys WRT) as the CVTWIN converter.
If I've bollixed up any of these descriptions, then write to info@dshield.org and set me straight.
