How to see debug logs for WireGuard (e.g. to see authentication attempts)

wireguard debian-buster

I've successfully set up a WireGuard VPN on my Debian 10 server. It was incredibly straight forward compared to the setup of OpenVPN, and it's working fine.

However, I can't see any logs beyond those from journalctl -u [email protected]. I'd like to know, for example, when there are failed authentication attempts. Is there a way to monitor that? e.g. with openvpn I could use fail2ban based on auth attempts.


Assuming you are running a 5.6 kernel which supports dynamic debugging, you can enable debug logs by executing:

# modprobe wireguard 
# echo module wireguard +p > /sys/kernel/debug/dynamic_debug/control

The logs can than be consumed via dmesg or journalctl. With dmesg, just use following command:

$ dmesg -wH

(-H, --human enables user-friendly features like colors, relative time)

(-w, --follow)

Also on systems with systemd you can use:

$ journalctl -kf

Related

Prevent execution of Windows executables
Getting rsync to delete files from the *sender* after transfer
VMware in Linux breaks my ALT, CTRL and/or SHIFT keys. How do I fix it? [closed]
How to solve "ExpiresActive not allowed here" error message in .htaccess file?
Xen vs virtualbox?
Can you join a computer to two domains?
Cloud Providers that support FreeBSD? [closed]
How do I know what an apache process is doing?
SATA drives in HP ProLiant server?
portable unix way to join strings with separator
Where is the documentation that states TCP and UDP source port should be over 1024 and random?
Redis: possible to expire an element in an array or sorted set?