On Mon, 24 Mar 2014, Muhammad Asif wrote:
Hi Geeks!
I am trying to collect logs of cisco router. I have configure my router and
verified by taking tcpdump. But my rsyslog is unable to write cisco logs in
a file.
I add the following line in rsyslog.conf for this,
if ($fromhost-ip == 'Cisco Router IP Address') then
/var/log/cisco-router.log
& ~
check your iptables rules, if they are blocking the traffic you will still see
it with tcpdump, but it won't reach the application.
log for a short time without the filter
*.* /var/log/everything
and see if you see anything in there. If you do, but don't see them in your
filtered file, we can troubleshoot the specific logs, but if you don't, then we
need to look at the inputs.
If iptables changes don't solve the problem, then we would need to see an
example of the tcpdump of the traffic, and your rsyslog config.
David Lang
_______________________________________________
rsyslog mailing list
http://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE
THAT.
