 | | | syslog problems | syslog problems 2003-08-14 - By Andrew Haskell
Back
I'm having an odd problem with the syslog.
I'm trying to log messages from a cisco 2600 series router.
I'm already logging messages from a PIX and that works fine.
Using a packet sniffer I can see the upd packets going from the router to
the linux box, but once they hit the linux box they just vanish. In a week
I've had 1 entry into the 2600.log file.
To check that the 2600.log actually logs data i've used *.*
/var/log/2600.log and it logs entries as expected, well everything but the
2600 messages.
syslog.conf entries of the two cisco devices
local4.* /var/log/PIX.log
local5.* /var/log/2600.log
I've set the 2600 to use faciltiy local5 and using a syslog on another
machine I can recieve the log messages that I'm expecting.
But I get nothing on the linux machine. I know the udp packet are getting
their, and that syslog is setup to listen on port 514/udp and it is
listening (the pix.log entry works).
Has anyone ever experienced anything similar? or does anyone have an idea on
whats going wrong?
Regards
Andrew
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859 (See http://iso-8859.ora-code.com)-1">
<META NAME="Generator" CONTENT="MS Exchange Server version 5.5.2653.12">
<TITLE>syslog problems</TITLE>
</HEAD>
<BODY>
<P><FONT SIZE=2 FACE="Arial">I'm having an odd problem with the syslog.</FONT>
</P>
<P><FONT SIZE=2 FACE="Arial">I'm trying to log messages from a cisco 2600
series router.</FONT>
<BR><FONT SIZE=2 FACE="Arial">I'm already logging messages from a PIX and that
works fine.</FONT>
</P>
<P><FONT SIZE=2 FACE="Arial">Using a packet sniffer I can see the upd packets
going from the router to the linux box, but once they hit the linux box they
just vanish. In a week I've had 1 entry into the 2600.log file.</FONT></P>
<P><FONT SIZE=2 FACE="Arial">To check that the 2600.log actually logs data i've
used *.* /var/log/2600.log and it logs entries as expected, well everything but
the 2600 messages.</FONT></P>
<P><FONT SIZE=2 FACE="Arial">syslog.conf entries of the two cisco devices</FONT>
</P>
<P><FONT SIZE=2 FACE="Arial">local4.*
/var/log/PIX.log</FONT>
<BR><FONT SIZE=2 FACE="Arial">local5.*  
;  
; /var/log/2600.log</FONT>
</P>
<P><FONT SIZE=2 FACE="Arial">I've set the 2600 to use faciltiy local5 and using
a syslog on another machine I can recieve the log messages that I'm expecting.<
/FONT></P>
<P><FONT SIZE=2 FACE="Arial">But I get nothing on the linux machine. I know the
udp packet are getting their, and that syslog is setup to listen on port 514
/udp and it is listening (the pix.log entry works).</FONT></P>
<P><FONT SIZE=2 FACE="Arial">Has anyone ever experienced anything similar? or
does anyone have an idea on whats going wrong?</FONT>
</P>
<P><FONT SIZE=2 FACE="Arial">Regards</FONT>
<BR><FONT SIZE=2 FACE="Arial">Andrew</FONT>
</P>
</BODY>
</HTML>
|
|
|