i see in syslog collector that there are many invalid syslog message. i do not give any filter in syslog filter except severity 7 message. i found that our network change the source vlan of syslog. i check those devices that change the vlan, and i have no data of syslog. do i need to rediscover those device? or is there any other area that i need to look into? thanks.
RME knows all of the IP addresses on all interfaces via Inventory Collection. So, yes, it compares the syslog source to all known interface IPs.