[syslog-ng]Please help with logging remote machines
Daniel Flick
syslog-ng@lists.balabit.hu
Wed, 19 Nov 2003 07:55:46 -0600
08:28:15.975018 138.57.100.15.syslog > 66.6.86.58.syslog: udp 134
08:28:15.976003 138.57.100.15.syslog > 66.6.86.58.syslog: udp 137
08:28:15.976820 138.57.100.15.syslog > 66.6.86.58.syslog: udp 134
08:28:15.978296 138.57.100.15.syslog > 66.6.86.58.syslog: udp 137
08:28:15.979772 138.57.100.15.syslog > 66.6.86.58.syslog: udp 134
08:28:15.980096 138.57.100.15.syslog > 66.6.86.58.syslog: udp 134
08:28:15.980756 138.57.100.15.syslog > 66.6.86.58.syslog: udp 133
looks like the firewall is sending (100.15 is firewall)
On Tue, 2003-11-18 at 03:06, Balazs Scheidler wrote:
> On Mon, Nov 17, 2003 at 02:56:49PM -0600, Daniel Flick wrote:
> > I have been beating my head against a wall getting this to work but no
> > joy. Syslog-ng is running and logging on the local system but no remote
> > logs are being saved. Devices in question are PIX firewalls and
> > NetCache proxies.
>
> Have you checked whether syslog-ng is actually receiving messages ?
>
> tcpdump and strace would help here.