IOS and Syslog-NG

Unanswered Question
Sep 3rd, 2008

I have been trying to setup logging via tcp on syslog-ng. all the messages come in fine via udp, but when i configure a tcp source, assign it to the syslog-ng target, etc, then configure the router, i don't get any events. i can see the packets coming in via tcp dump, but syslog-ng won't collect anything. am i missing something. my logging config is below....

logging buffered 4096 informational

!

logging origin-id hostname

logging source-interface Serial1.1

logging host 192.168.101.150 transport tcp port 5014

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
jtalbaugh Wed, 09/03/2008 - 08:10

Possibly the logging trap command. This can be set to several different levels so set to what best suits your needs.

an example of my basic config below:

logging on

logging #.#.#.#

logging source-interface Loopback0

logging trap notificati

drummond.r Wed, 09/03/2008 - 08:38

doesn't seem to help; here is the output from a show log:

Syslog logging: enabled (1 messages dropped, 0 messages rate-limited,

0 flushes, 0 overruns, xml disabled, filtering disabled)

Console logging: disabled

Monitor logging: level debugging, 0 messages logged, xml disabled,

filtering disabled

Buffer logging: level informational, 117 messages logged, xml disabled,

filtering disabled

Logging Exception size (4096 bytes)

Count and timestamp logging messages: disabled

No active filter modules.

Trap logging: level notifications, 173 message lines logged

Logging to 192.168.101.153(global) (tcp port 5014, audit disabled, link up), 4 message lines logged, xml disabled,

filtering disabled

Actions

This Discussion