[syslog-ng] NetScreen Statistics
Philip Webster
p.webster at qut.edu.au
Thu Jul 3 01:19:31 CEST 2008
lists at grounded.net wrote on 03/07/2008 08:44 :
> What does the default syslog-ng installation use, tcp or udp? The
I'm not sure about a default, however in our configuration we have:
source src_udp { udp(ip(x.x.x.x) port(514)); };
source src_tcp { tcp(ip(x.x.x.x) port(514) max-connections(250)
tcp-keep-alive(yes));
};
So in this case our server listens on port 514/udp and on 54/tcp, on the
specified IP address (x.x.x.x). I don't look after the firewalls,
however I'm fairly certain that they use UDP by default. That's
certainly how we're receiving the logs.
> netscreen can't seem to reach the syslog-ng server but it can reach
> my other linux syslog servers.
Is there a blockage in the network somewhere? Our NetScreen's log via
their management interface, so the log server has a presence on both the
management and production networks. (So we actually have two sets of
the 'source ...' lines above in the config - one for an IP on the
production network and one for an IP on the management network.)
Phil
More information about the syslog-ng
mailing list