[syslog-ng] Please help: Can not figure out why syslog-ng ose 3.2.2 server doesn't receive syslog client messages over udp/11514 on 64-bit RHEL 5

[Mehdi Mortezai]

Hello,

I am new to syslog-ng. I have set up a syslog-ng ose 3.2.2 server and
configured syslog on 64-bit RHEL 5 client servers to send all messages to
the syslog-ng server over udp/11514 (client's syslog.conf: *.*
@syslog-ngIP:11514) but no packet is received.



When I change the port on the syslog-ng server and on the client's syslog
from udp/11514 to udp/514 all works.  Verified that firewalls passing
packets for both udp/514 and 11514 on the server and RHEL client and the
port is not used by any other app.
I cannot figure out why the logs are not happening when changing the port
to udp/11514 from default? Is there any global options I should set or any
change to my source statements?



Here are the global options and sources definitions:
*options* {
        time_reopen (10);
        long_hostnames (off);
        owner("root");
        group("root");
        perm(0600);
        dir_perm(0755);
        use_dns (yes);
        use_fqdn (no);
        create_dirs (yes);
        keep_hostname (no);

};



*source:*

###########  Define Sources



*### Internal *

source s_local_sys {

        file ("/proc/kmsg" program_override("kernel: "));

        unix-stream ("/dev/log");

        internal();};

*### External or remote:*

# For Server Groups

source s_RHEL5_udp { udp(port(11514));};



*# For all other single hosts:*

source s_remote_udp { udp(port(514));};


Thanks in advance for your help.



Medi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.balabit.hu/pipermail/syslog-ng/attachments/20121019/ec00d5c5/attachment.htm