Syslog messages don’t arrive on graylog, but shown in tcpdump

Chamara · November 12, 2020, 8:19pm

Hello,

I am using Graylog single node and on version 3.3.8

I need some help in checking / troubleshooting why my Graylog server is not receiving rsyslog logs from juniper SRX345 firewall. I have done the necessary rsyslog configuration on my firwall host, however in my Graylog WEB UI i not see any logs coming in from this firewall
I then tried using tcp dump command on my graylog server to check if its receiving data or not. I am successfully receiving logs from the firewall. any idea Why is it is not showing in graylog GUI ?

Output of tcpdump:

tmacgbay · November 12, 2020, 9:12pm

If possible, change syslog to send to a port higher than 1024… I used 1514

if not, here is a place to start - ports below 1024 are only accessible to root unless you adjust…

system · November 26, 2020, 9:12pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Troubleshoot why logs are not coming in Graylog Central (peer support)	3	3900	August 14, 2017
Syslog messages don't arrive on graylog, but shown in tcpdump Graylog Central (peer support)	5	3134	August 21, 2017
Juniper syslog to graylog Graylog Central (peer support)	8	6198	May 4, 2018
Juniper SRX345 and Gaylog not working Graylog Central (peer support)	8	354	July 28, 2023
[solved] How i get rsyslog messages in graylog? misunderstanding Graylog Central (peer support)	5	9078	February 1, 2019

Syslog messages don’t arrive on graylog, but shown in tcpdump

Related topics