is it possible that syslog from the devices are never written?

Unanswered Question
Aug 26th, 2007


is it possible that syslog from the devices are never written on syslog database so that the report is empty.or it is just a matter of time and it will show you one or two days later? thanks

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Joe Clarke Mon, 08/27/2007 - 07:43

There are numerous reasons why a syslog message from a device is not written to syslog.log. They include the device not generating the message (maybe due to a bug), the message not being severe enough to be sent as a syslog message, the message being sent on the wrong facility, a network issue preventing the message from reaching the server, and the syslog daemon not running on the server.

Once a message is written to the syslog.log file, it may then be ignored by the SyslogCollector if the message is not permitted by the configured syslog filters, or SyslogCollector is not running at the time the message is written to the log.

Once SyslogCollector processes the message and deems it to be interesting, it may not get written to the database if the SyslogAnalyzer is not running, or the database is corrupt or otherwise damaged.


This Discussion