Syslog UDP Input failed - rsyslog and graylog
I have been trying to send logs from my Centos 8 virtual machine to a Graylog server using rsyslog. Unfortunately my UDP Syslog Input fails without any further description.
I have made sure to add this line to my rsyslog configuration file in /etc/rsyslog.conf:
*.* @192.168.100.45:514;RSYSLOG_SyslogProtocol23Format
Where 192.168.100.45 is the IP address of my Graylog server
I have made sure to allow communication on port 514/udp on both machines using firewall-cmd:
firewall-cmd --add-port=514/udp --permanent
firewall-cmd --reload
The output of systemctl status rsyslog.service:
The configuration of UDP Syslog Input on my Graylog Server:
Where 192.168.100.40 is the IP address of my Centos 8 machine from which the logs should arrive.
Before anyone suggests, this post was not helpful: How to send syslog to graylog
I kindly ask for your help and wish you a nice day/night!
I solved it myself. The bind address should be set to default and not the IP address of the client. Furthermore, I changed the port from default which was 514 to 3514 (saw it somewhere on the internet).
Also this line:
*.* @192.168.100.45:514;RSYSLOG_SyslogProtocol23Format
is wrong, there should be a double colon instead of a semicolon:
*.* @192.168.100.45:514:RSYSLOG_SyslogProtocol23Format
Most of this information was discovered by me in this tutorial: https://www.youtube.com/watch?v=9E1taHpbAgc
Cheers!
- UDP Message Sending and Receiving with ASIO: Send Succeeds but Receive Fails in Loop
- Do I need a PORT when joining a multicast group or just the IP?
- Securing a UDP connection
- Unable to receive vídeo Stream from tello drone
- What are the chances of losing a UDP packet?
- How to make Gstreamer RTSP -> UDP -> RTSP low latency pipeline?
- How to build a raw UDP packet in C++?
- Why doesn't error occur in UDP socket communication?
- Error correcting codes for packet loss (UDP)
- Can UDP data be delivered corrupted?
- Lwip on mbed-os 5 doesn't make a proper ethernet connection
- 'L3PacketSocket' object has no attribute 'ins' when using send command
- Node.js: Receiving too many UDP messages at a time, losing them
- Reed Solomon and UDP packet loss/corruption handling
- Is there any possible way to send Udp requests faster in SharpPcap (.NET 8)?
- broadcast UDP from docker (on Windows host) does not make it to the LAN
- Boost asio, timer inside async_receive_from wont trigger
- Why the first client seems to have source ip of 0.0.0.0?
- How to send UDP Packet with specify address
- C# UdpCLient.Receive doesn't receive any data on different machine
- (C# / .NET 8.0) Why can't I receive then send data from UdpClients created and used in separate threads?
- Send Broadcast UDP but not receive it on other Android devices
- How to read UDP packet with variable length in C
- Catching "bind: address already in use"
- Accessing the packet data including the IP header from a UDP packet in C#
- How to "reply" to a UDP packet with IPv6
- Errno: 11, Resource Temporarily Unavailable
- Send image over UDP to Unreal Engine and load it there
- Got "failed to sufficiently increase receive buffer size" error for cloudflared
- Size of empty UDP and TCP packet?