Syslog for HP Switches

seansem · April 5, 2017, 5:22am

I have configured inputs for Syslog (UDP and TCP) and forwarded syslog from HP switches.
However, no messages have been captured by Graylog.
May I know the recommended configuration for HP switches inputs?

jochen · April 5, 2017, 7:32am

Try using a Raw/Plaintext input and extract the relevant information using extractors or processing pipeline rules.

seansem · April 10, 2017, 2:13am

Hi,
I managed to resolve this issue by adding rule in iptables.
Ubuntu not allowed for port below 1000 to be used.
iptables -t nat -A PREROUTING -i eth0 -p udp -m udp --dport 514 -j REDIRECT --to-ports 5514

jochen · April 10, 2017, 7:46am

See http://docs.graylog.org/en/2.2/pages/faq.html#how-can-i-start-an-input-on-a-port-below-1024

Topic		Replies	Views
Capture Logs from HP switch Graylog Central (peer support)	3	3309	April 5, 2021
Graylog Cisco Switch Input Failed Graylog Central (peer support)	9	2975	February 17, 2020
How can I add switches and router in gralog The Water Cooler (AMA)	3	60	September 19, 2024
Syslog 514? [Ubuntu Trusty - VM install] Graylog Central (peer support)	8	6882	August 22, 2018
Log Cisco Messages Graylog Central (peer support)	20	12348	December 13, 2019

Syslog for HP Switches

Related topics