Configuring various Syslog Server problem

RolandBaumgaertner72 · ‎06-12-2024

Hi,

2 weeks ago I configured another syslog server from the CLI and it worked fine. Now I tried the same with the same information on another FG100F and I dont get anything at our local Greylock Server.

>config log syslogd2 setting > get shows me on both sides the same information:

FG_MASTER_XXX (setting) # get
status : enable
server : XXX.X.98.58
mode : udp
port : 1514
facility : local7
source-ip :
format : default
priority : default
max-log-rate : 0
interface-select-method: auto

The rule on the FG in the DC is for all the same.

What am I missing?

Thanks

AEK · ‎06-12-2024

As per my knowledge syslog (or at least default config) is sent instantly as the event occurs.

AEK

View solution in original post

narunrj · ‎06-12-2024

Right now I'm simply looking to get our environment logging to a central location. We have multiple offices and many devices in each office (switches, servers, NAS, SAN, APs, etc...) and other than logging into each device when there is an issue, we don't have a central platform to view logs.

omegle xender

AEK · ‎06-12-2024

Hi Roland

I assume your are not wrong with your syslog port 1514 UDP.

Then as first step you may try sniff traffic from both server side and FG side on the same destination port to see if FG is sending anything to server and if server is receiving from FG.

AEK

RolandBaumgaertner72 · ‎06-12-2024

Hi,

I didnt change anything but it works, after trying with diag log test we got traffic on the other side.

Can we know when the FG sends logs, is there a shedule?

Thanks

AEK · ‎06-12-2024

As per my knowledge syslog (or at least default config) is sent instantly as the event occurs.

AEK

Configuring various Syslog Server problem

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website