Problem to receive in interface log

Groucou · February 27, 2017, 2:03pm

Hi,

I have a problem with my Graylog Server.
I don’t see my Cisco switch on Sources.

I see my NetApp but not my Cisco Nexus 5X.
I don’t understant because on my Graylog Server I receive all syslog Nexus :

tcpdump :
14:57:40.511493 IP 192.168.50.137.64665 > 192.168.50.171.514: SYSLOG local5.notice, length: 95
14:57:40.513459 IP 192.168.50.137.64665 > 192.168.50.171.514: SYSLOG local5.notice, length: 137
14:57:40.515420 IP 192.168.50.137.64665 > 192.168.50.171.514: SYSLOG local5.notice, length: 103
14:57:40.517413 IP 192.168.50.137.64665 > 192.168.50.171.514: SYSLOG local5.notice, length: 92
14:57:40.519400 IP 192.168.50.137.64665 > 192.168.50.171.514: SYSLOG local5.notice, length: 106
14:57:40.521332 IP 192.168.50.137.64665 > 192.168.50.171.514: SYSLOG local5.notice, length: 95
14:57:40.931343 IP 192.168.50.136.25768 > 192.168.50.171.514: SYSLOG local5.notice, length: 99

jochen · February 27, 2017, 3:03pm

Some network appliances are sending invalid syslog messages.

Try using a Raw/Plaintext TCP input and extractors for your Cisco devices, see http://docs.graylog.org/en/2.2/pages/extractors.html for details.

Topic		Replies	Views
Log Cisco Messages Graylog Central (peer support)	20	12641	December 13, 2019
Graylog is not picking Cisco switch logs Graylog Central (peer support)	2	3552	April 2, 2017
Graylog and private IP sources for syslog Graylog Central (peer support)	1	370	September 9, 2020
Graylog not logging Cisco switches logs Graylog Central (peer support)	5	1678	February 23, 2021
Can not receive Cisco logs Graylog Central (peer support)	11	9461	May 8, 2018

Problem to receive in interface log

Related topics