0

I am struggling a bit with my new syslog server which is not receiving log from my wifi appliance. My wifi appliance is an aerohive, there is almost nothing about configuring syslog on it on internet, but I think I figured it out.

screen of the syslog parameter I think this part is good. So I configured a syslog-ng to receive data sent from the appliance. I followed many tutorials and ended up by adding this lines

source s_network { udp( port(514)); };

destination d_local { file("/var/log/host/log.txt"); };

on the file /etc/syslog-ng/syslog-ng.conf

I am supposed to collect log on the log.txt file but I am getting nothing

I have tried with this :

source s_all {   
  tcp( network(ip(10.0.0.146));
  udp(network(ip(10.0.0.146)); };

source s_all { 
    udp();
    tcp(); };

even this 

 source s_net {
         udp(); };

but its not working either.

Both appliance and syslog server are on the same network, I can ping the appliance from the server. So I think the problem come from configuration. Do you guys have any idea of what is the problem ?

HBruijn
  • 77,029
  • 24
  • 135
  • 201
user7394492
  • 1
  • Shame on me I forgot to say hello and the edit doesnt let me add it – user7394492 Aug 29 '18 at 15:50
  • 2
    ServerFault is Q&A platform, you don't need to add salutations, "thank you"'s nor any other signature than your personal badge. - In your screenshot you configure your appliance to send it's logs to a server named "syslog" , I suspect that you need to enter the ip-address of your syslog server there, or a fully qualified dns name, rather than a short host name. – HBruijn Aug 29 '18 at 16:12
  • Hi, first, make sure that your sources and destinations are included in a log {} statement, otherwise syslog-ng ignores them. Also, use tcpdump on your syslog server to check if it receives anything from the client. – Robert Fekete Aug 30 '18 at 11:28
  • @HBruijn thank you for your answer, the screenshot does not show it but the object named syslog include the ip adress of my server. – user7394492 Aug 31 '18 at 08:30
  • @RobertFekete hello, so I added this log { source(s_network); destination(d_local); }; accord to my previous lines and it's still not working. I will try a tcpdump – user7394492 Aug 31 '18 at 10:10
  • Update: tcpdump does not find any traffic from my aerohive's IP – user7394492 Sep 03 '18 at 09:21

0 Answers0