[syslog-ng] NetScreen Statistics
lists at grounded.net
lists at grounded.net
Thu Jul 3 04:41:11 CEST 2008
I got it going again and now see that the firewall is connected to syslog-ng. Thing is, where are the logs going? Nothing seems to be showing up in /var/log which seems to be the default location for logs.
Mike
On Thu, 03 Jul 2008 09:19:31 +1000, Philip Webster wrote:
> lists at grounded.net wrote on 03/07/2008 08:44 :
>
>> What does the default syslog-ng installation use, tcp or udp? The
>>
> I'm not sure about a default, however in our configuration we have:
>
> source src_udp { udp(ip(x.x.x.x) port(514)); };
>
> source src_tcp { tcp(ip(x.x.x.x) port(514) max-connections(250)
> tcp-keep-alive(yes));
> };
>
> So in this case our server listens on port 514/udp and on 54/tcp, on the
> specified IP address (x.x.x.x). I don't look after the firewalls,
> however I'm fairly certain that they use UDP by default. That's
> certainly how we're receiving the logs.
>
>> netscreen can't seem to reach the syslog-ng server but it can reach
>> my other linux syslog servers.
>>
> Is there a blockage in the network somewhere? Our NetScreen's log via
> their management interface, so the log server has a presence on both the
> management and production networks. (So we actually have two sets of
> the 'source ...' lines above in the config - one for an IP on the
> production network and one for an IP on the management network.)
>
> Phil
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation: http://www.balabit.com/support/documentation/?product=syslog-
> ng
> FAQ: http://www.campin.net/syslog-ng/faq.html
More information about the syslog-ng
mailing list