I am currently testing greylog to syslog for a Cisco CSRV. Can someone help with how this is configured within grey log?
Below is the config on the CSRV:
logging host 10.27.255.4 transport udp port 5149
In Grey log I have completed the following steps:
System > Inputs, select the input type from the drop down box (syslog UDP), and hit “Launch new input”. From here I have entered the following settings:
- allow_override_date: true
- bind_address: 0.0.0.0
- expand_structured_data: false
- force_rdns: false
- override_source: empty
- port: 5149
- recv_buffer_size: 262144
- store_full_message: true
The input is showing as ‘running’ however I do not see any data packets from the CSRV at all. Can someone point me in the right direction?