On Sun, Apr 13, 2025 at 10:31 PM Timothy M Butterworth <
[email protected]> wrote:
> All,
>
> I modified /etc/syslog-ng/syslog-ng.conf to the following:
>
> ########################
> # Sources
> ########################
> # Add the following line
> source s_net { tcp(ip(0.0.0.0) port(514) max-connections (5000)); udp(); };
>
> ########################
> # Destinations
> ########################
> # comment out the following line - if two d_syslog entries are present
> syslog-ng will fail to start.
> # destination d_syslog { file("/var/log/syslog"); };
>
> # Add the following line
> # Remote syslog collection
> destination d_syslog { file("/var/log/remotelogs/$HOST/syslog"); };
>
> # Create RemoteLogs Directory
>
> mkdir /var/log/remotelogs
>
> ls -la /var/log/
> drwxr-xr-x 2 root root 4096 Apr 12 17:32
> remotelogs
>
> I have multiple Cisco switches configured to log to the Syslog-NG Server
> but I am not getting any logs. Any ideas?
>
>
I ran a netstat -l -n and there is no socket bound to port 514.
Thanks
>
> Tim
>
> --
> ⢀⣴⠾⠻⢶⣦⠀
> ⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system
> ⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org/
> ⠈⠳⣄⠀⠀
>
--
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Debian - The universal operating system
⢿⡄⠘⠷⠚⠋⠀ https://www.debian.org/
⠈⠳⣄⠀⠀
