Thanks David sir for reply.. Now I have commented:
1. Sending logs on port 10514 and commented UDP and TCP both 2. Sending logs on port 514 and commented all entries except one UDP entry i.e. @172.20.54.213. 3. Commented the 86th line. So result of this, I am getting only one entry of logging components. but still not getting "snort" application alert logs. I am sending netstat output of two machines: http://fpaste.org/45997/ rsyslog client [snort installed system ] : ip 172.20.54.211 rsyslog server : ip 172.20.54.213 I am also attaching modified rsyslog.conf files rsyslog client : http://fpaste.org/46002/ rsyslog server: http://fpaste.org/46003/ Now what is hindering here? Please guide, Thanks !! *-- * *Cheers, Mayur* _______________________________________________ rsyslog mailing list http://lists.adiscon.net/mailman/listinfo/rsyslog http://www.rsyslog.com/professional-services/ What's up with rsyslog? Follow https://twitter.com/rgerhards NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE THAT.
