LMS 3.0 Syslog Forward

Unanswered Question
Apr 23rd, 2008
User Badges:

Hi All,


I have been reading previous post about forwarding syslog to another host. But I have a situation where I need to forward syslog messages to another port on the SAME host as the LMS server.


I can see it being done 1 of 2 ways, first change the LMS syslog port to be 5140 and get the 3rd party syslog app to forward to 5140.


Second is to leave LMS syslog port unchanges and forward it's messages to port 5140.


I have not been able to find any infor on being able to change the default port that syslog listens on for LMS.


Any help would be appreciated..


Thanks in advanc


Jason

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
tstanik Tue, 04/29/2008 - 12:43
User Badges:
  • Bronze, 100 points or more

LMS stores syslog messages in local hard disk. There is no syslog relay service for forwarding the syslog messages from one server toanother server. However you can forward snmp traps to another server. Secondly syslog uses UDP for transmitting information, the delivery of these messages is not guaranteed. Syslog relay increases the Chances that messages will be lost. If customer has existing syslog parsing software, it can be used on LMS server. Port is the port from which the PIX Firewall sends either UDP or TCP syslog messages. This must be same port at which the syslog server listens.

For the UDP port, the default is 514 and the allowable range for changing the value is 1025 through 65535.

For the TCP port, the default is 1470, and the allowable range is 1025 through 65535. TCP ports only work with the PIX Firewall Syslog Server.


Actions

This Discussion