Syslog UDP Input failed - rsyslog and graylog
I have been trying to send logs from my Centos 8 virtual machine to a Graylog server using rsyslog. Unfortunately my UDP Syslog Input fails without any further description.
I have made sure to add this line to my rsyslog configuration file in /etc/rsyslog.conf:
*.* @192.168.100.45:514;RSYSLOG_SyslogProtocol23Format
Where 192.168.100.45 is the IP address of my Graylog server
I have made sure to allow communication on port 514/udp on both machines using firewall-cmd:
firewall-cmd --add-port=514/udp --permanent
firewall-cmd --reload
The output of systemctl status rsyslog.service:
The configuration of UDP Syslog Input on my Graylog Server:
Where 192.168.100.40 is the IP address of my Centos 8 machine from which the logs should arrive.
Before anyone suggests, this post was not helpful: How to send syslog to graylog
I kindly ask for your help and wish you a nice day/night!
I solved it myself. The bind address should be set to default and not the IP address of the client. Furthermore, I changed the port from default which was 514 to 3514 (saw it somewhere on the internet).
Also this line:
*.* @192.168.100.45:514;RSYSLOG_SyslogProtocol23Format
is wrong, there should be a double colon instead of a semicolon:
*.* @192.168.100.45:514:RSYSLOG_SyslogProtocol23Format
Most of this information was discovered by me in this tutorial: https://www.youtube.com/watch?v=9E1taHpbAgc
Cheers!
- You must call the Bind method before performing this operation => No, I don't
- Peer to peer socket communication without port forwarding
- Making recvfrom() function non-blocking
- TCP for real-time systems
- What is the meaning of 0.0.0.0 address while receiving broadcast (or other packets)?
- Why traceroute sends UDP packets and not ICMP ones?
- OSC communication on local network between Android and OSX
- Is there a way to avoid MITM attacks without encryption?
- MSVC vector Debug Assertion with Boost.Asio async UDP server
- How to distinguish the incoming packets group when joining multiple multicast feeds in UdpSocket
- Difference between UNIX domain STREAM and DATAGRAM sockets?
- UDP Message Sending and Receiving with ASIO: Send Succeeds but Receive Fails in Loop
- Do I need a PORT when joining a multicast group or just the IP?
- Securing a UDP connection
- Unable to receive vídeo Stream from tello drone
- What are the chances of losing a UDP packet?
- How to make Gstreamer RTSP -> UDP -> RTSP low latency pipeline?
- How to build a raw UDP packet in C++?
- Why doesn't error occur in UDP socket communication?
- Error correcting codes for packet loss (UDP)
- Can UDP data be delivered corrupted?
- Lwip on mbed-os 5 doesn't make a proper ethernet connection
- 'L3PacketSocket' object has no attribute 'ins' when using send command
- Node.js: Receiving too many UDP messages at a time, losing them
- Reed Solomon and UDP packet loss/corruption handling
- Is there any possible way to send Udp requests faster in SharpPcap (.NET 8)?
- broadcast UDP from docker (on Windows host) does not make it to the LAN
- Boost asio, timer inside async_receive_from wont trigger
- Why the first client seems to have source ip of 0.0.0.0?
- How to send UDP Packet with specify address