Syslog messages don’t arrive on graylog, but shown in tcpdump


I am using Graylog single node and on version 3.3.8

I need some help in checking / troubleshooting why my Graylog server is not receiving rsyslog logs from juniper SRX345 firewall. I have done the necessary rsyslog configuration on my firwall host, however in my Graylog WEB UI i not see any logs coming in from this firewall
I then tried using tcp dump command on my graylog server to check if its receiving data or not. I am successfully receiving logs from the firewall. any idea Why is it is not showing in graylog GUI ?

Output of tcpdump:

If possible, change syslog to send to a port higher than 1024… I used 1514

if not, here is a place to start - ports below 1024 are only accessible to root unless you adjust…

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.