Syslog UDP Input does not generate log.

bryambalan · May 12, 2021, 8:09pm

Hey guys,

I am setting up a BitDefender to send logs (Syslog UDP) to Graylog.

However, I am having the following problem:

Via TCPDUMP I see the logs arriving;
On Graylog (WEB) only a few logs are being generated;

Ex: Basically every 1000logs I can see in Graylog only 3.

What can I validate to try to identify what is a problem?

gsmith · May 12, 2021, 11:01pm

Hello and welcome,

What version of graylog are you using?
What port are you using for you input? If your using port 514 that a privileged port. Might want to change to something over 1024 to see if that works.

What does your Syslog UDP INPUT configuration look like? Maybe something like this?

If it was my environment, check ES and Graylog log files for errors/warnings. Confirm that the Date/Time is correct on Graylog server and the remote device sending logs to graylog server.

system · May 26, 2021, 11:01pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
UDP inputs not working Graylog Central (peer support)	3	7642	January 3, 2019
No Messages in Syslog UDP/5141 Input Graylog Central (peer support)	14	3549	January 22, 2021
Graylog inputs do not seem to be working Graylog Central (peer support)	5	2916	September 7, 2018
RSYSLOG UDP works but not SYSLOG TCP Graylog Central (peer support)	9	12207	October 6, 2017
Issue with Syslog input UDP Graylog Central (peer support)	3	602	November 1, 2019

Syslog UDP Input does not generate log.

Related topics