Not storing incoming syslogs

Victor Wiebe · April 03, 2015, 03:53:45 PM

I have a wireless device sending syslog to NetXMS. I see the syslogs coming in via tcpdump (I've cut and pasted a sample output below). However, the logs do not seem to be stored in the db. The device itself - 'aruba-controller' - is added as a node in NetXMS. I've searched for this hostname and I've searched for all logs with a severity of 'debug' for the timeframe, and I cannot find the logs. Am I missing a configuration somewhere?

root@event-nmgt:/home/vwiebe# tcpdump -i em1 src 192.168.10.53 and port 514 -A -v
tcpdump: listening on em1, link-type EN10MB (Ethernet), capture size 65535 bytes
08:51:00.735117 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 162)
aruba-controller.wilm.sevone.com.syslog > event-nmgt.sevone.com.syslog: SYSLOG, length: 134
Facility local1 (17), Severity debug (7)
Msg: Apr 3 08:51:06 2015 aruba-controller lldp[3704]: <235002> <DBUG> <aruba-controller 192.168.10.53> LLDP Recv PKT at ingress 8448
E.....@.@.....
5..
.......R_<143>Apr 3 08:51:06 2015 aruba-controller lldp[3704]: <235002> <DBUG> <aruba-controller 192.168.10.53> LLDP Recv PKT at ingress 8448

Victor Kirhenshtein · April 09, 2015, 12:23:39 AM

Hi,

do you have syslog server enabled on NetXMS server? if yes, check that netxmsd listen on port 514. Try to enable debug level 6 and check netxmsd log records with word "syslog" in them.

Best regards,
Victor

NetXMS Support Forum

News:

Not storing incoming syslogs

Victor Wiebe

Victor Kirhenshtein