Cisco Meraki syslog

Graylog Central (peer support)
1

Hi,

There are couple of queries regarding Meraki syslog integration with Graylog but could not find the solution. I have configured Graylog and forwarding syslog from Meraki. But logs/data are not visible in Graylog.

Running the syslog service on port 8514

image

and receiving the data:

root@syslog:/home/ubuntu# tcpdump -n dst port 8514
12:03:06.944524 IP xxx.54.176.242.43971 > 172.31.12.2.8514: UDP, length 169
12:03:06.945464 IP xxx.54.176.242.43971 > 172.31.12.2.8514: UDP, length 162
12:03:06.949335 IP xxx.54.176.242.43971 > 172.31.12.2.8514: UDP, length 169
12:03:07.046356 IP xxx.54.176.242.43971 > 172.31.12.2.8514: UDP, length 162
12:03:07.049612 IP xxx.54.176.242.43971 > 172.31.12.2.8514: UDP, length 167
12:03:07.052781 IP xxx.54.176.242.48737 > 172.31.12.2.8514: UDP, length 169
12:03:07.087723 IP xxx.54.176.242.48737 > 172.31.12.2.8514: UDP, length 159

Thanks
Fakrul

2

run the tcpdump with ‘-AAAA’ param, and chekc the content of the packages. Are there any usable information?
Do you use pipelines in Graylog?

3

Looks like it is an issue with pipelines. I haven’t configured any pipeline in Graylog. It is default installation.

Tried adding new inputs with Raw/Plaintext UDP and it is working.

Thanks

4

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.