The proto-cluster (rsyslog) is Xubuntu latest (14.x.y). Security Onion server and clients are Ubuntu latest (syslog-ng). Both are VMware VMs on a Mac host.

root@localhost:/var/log# iptables -L -n
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Dr. Brad J. Cox
Cell: 703-594-1883
Skype: dr.brad.cox

> On Feb 1, 2016, at 8:06 AM, David Lang <[email protected]> wrote:
>
> what distro is this? have you checked iptables rules?
>
> iptables -L -n
>
> David Lang
>
> On Mon, 1 Feb 2016, Brad Cox wrote:
>
>> Re earlier, I think the difference was we were getting logs from the rsyslog
>> server then (local) traffic. When I removed that, it showed we were not
>> receiving remote logs, then or now. But still no idea why.
> _______________________________________________
> rsyslog mailing list
> http://lists.adiscon.net/mailman/listinfo/rsyslog
> http://www.rsyslog.com/professional-services/
> What's up with rsyslog? Follow https://twitter.com/rgerhards
> NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
> sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T
> LIKE THAT.

