[syslog-ng] tcpdump shows device sending syslog from UDP
Fabien Wernli
wernli at in2p3.fr
Mon Apr 8 14:03:17 UTC 2019
On Mon, Apr 08, 2019 at 01:50:59PM +0000, Lin, Victor wrote:
> Hello Fabien,
>
> I was running tcpdump on my syslog-ng server, and able to see the package from 1.2.3.4 but my local logfile for UDP 514 didn't show any syslog from 1.2.3.4.
>
> Is there another configuration file need to be setup in somewhere?
I didn't check your syslog-ng config, but one common cause of "I see the
logs in tcpdump but not in syslog-ng" is that iptables is filtering your
messages. What does iptables -L say?
More information about the syslog-ng
mailing list