I'm having an odd problem with the syslog.
I'm trying to log messages from a Cisco 2600 series router.
I'm already logging messages from a PIX and that works fine.
Using a packet sniffer I can see the UDP packets going from the router to the Linux box, but once they hit the Linux box they just vanish. In a week I've had 1 entry into the 2600.log file.
To check that the 2600.log actually logs data, I've used *.* /var/log/2600.log and it logs entries as expected, well, everything but the 2600 messages.
syslog.conf entries of the two Cisco devices:
local4.* /var/log/PIX.log
local5.* /var/log/2600.log
I've set the 2600 to use facility local5, and using a syslog on another machine I can receive the log messages that I'm expecting.
But I get nothing on the Linux machine. I know the UDP packets are getting there, and that syslog is set up to listen on port 514/udp and it is listening (the pix.log entry works).
Has anyone ever experienced anything similar? Or does anyone have an idea on what's going wrong?
Regards
Andrew
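
A check that fits the situation described in this post, as an added example that is not part of the original post: decode the leading <PRI> value (facility * 8 + severity) of a sniffed syslog datagram and list which syslog.conf selectors would accept it. The function names and the sample payloads are constructed for illustration; only the two selectors come from the post.

```python
import re

# Facility codes 0-23; indexes 16-23 are local0-local7.
FACILITIES = ("kern user mail daemon auth syslog lpr news uucp cron authpriv ftp".split()
              + ["reserved%d" % n for n in range(12, 16)]
              + ["local%d" % n for n in range(8)])
SEVERITIES = "emerg alert crit err warning notice info debug".split()

def decode_pri(payload):
    """Return (facility, severity) from the leading <PRI> of a syslog datagram, or None."""
    m = re.match(rb"<(\d{1,3})>", payload)
    if not m or int(m.group(1)) > 191:
        return None
    pri = int(m.group(1))
    return FACILITIES[pri >> 3], SEVERITIES[pri & 7]

def parse_conf(text):
    """Split syslog.conf lines into (selector, target) pairs, skipping comments."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            selector, target = line.split(None, 1)
            rules.append((selector, target.strip()))
    return rules

def matching_targets(payload, rules):
    """List targets whose plain 'facility.level' selector matches the payload.
    Assumption: no ';', ',', '=', '!' or 'none' forms are handled here."""
    decoded = decode_pri(payload)
    if decoded is None:
        return []
    fac, sev = decoded
    hits = []
    for selector, target in rules:
        sel_fac, _, sel_sev = selector.partition(".")
        fac_ok = sel_fac in ("*", fac)
        # A level matches itself and anything more severe (lower index).
        sev_ok = sel_sev == "*" or (sel_sev in SEVERITIES and
                                    SEVERITIES.index(sev) <= SEVERITIES.index(sel_sev))
        if fac_ok and sev_ok:
            hits.append(target)
    return hits

CONF = "local4.* /var/log/PIX.log\nlocal5.* /var/log/2600.log\n"  # selectors from the post
# Constructed sample payloads, as they would appear in a packet capture.
SAMPLES = [b"<173>45: %SYS-5-CONFIG_I: constructed sample",
           b"<189>46: %SYS-5-CONFIG_I: constructed sample",
           b"<166>%PIX-6-302013: constructed sample"]

if __name__ == "__main__":
    for p in SAMPLES:
        print(decode_pri(p), matching_targets(p, parse_conf(CONF)))
```

Feeding it the first bytes of a captured datagram shows whether the facility on the wire is the one the selector expects; it says nothing about why a daemon would drop a datagram that does match.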