Hi Guys,
I have added cyberoam firewall in librenms. But syslog messages not working. I have used syslog-ng and rsyslog. But no luck. Could you please on this ?
Thanks,
Gopal.
Any help on this ?
Did you follow this doc on setting up syslog? https://docs.librenms.org/#Extensions/Syslog/ What have you done in terms of trouble shooting?
Hi Kevin,
Yes i have followed this doc ( https://docs.librenms.org/#Extensions/Syslog/ ). syslog-ng port 514 connecting. But no logs. Other devices like router,linux machine are sending syslog via this port. But firewall logs not come. Is there any separate pattern for firewall logs ?
Thanks,
Gopal.
Hi,
Have you checked that the logs are actually sent ? (can use wireshark, tshark, tcpdump etc).
If yes, it might be a config issue in syslog-ng. If not, there is something to troubleshoot on the device itself.
PipoCanaja
Hi Pipo,
Logs are coming to librenms server using rsyslog instead of syslog-ng. But logs are not shown in device syslog page. Even there is no data stored in database for firewall. But we have log for other devices like normal centos machine in database. Could you please suggest any solution for this?
Thanks
Gopal.
Hi,
So you confirm that the server where LibreNMS is running actually receives the syslogs ? (you see then in some /var/log/xxx directory ? )
PipoCanaja
Yes you are right
Good point. Then it might be that rsyslog does not parse the log line correctly and cannot transmit it.
Try to dig the rsyslog config. Or test with syslog-ng which might do it right of the box.
Ok sure. I will check and come back.