Re: Syslog Not Listening (330 Views)
Reply
Occasional Advisor
askhemant
Posts: 15
Registered: ‎04-25-2012
Message 1 of 7 (358 Views)

Syslog Not Listening

I am interested in NNMi receiving syslog messages from different devices.  For whatever reason the server is not listening on port 514  (I did a packet capture and after a syslog message is sent to the NNMi server it replies with an ICMP Port Unreachable,    Also if I do a netstat-a I dont see it listening on 514).

Dumb question but how do I start this service (and from what googleing I've done it should start automatically)?

 

Thanks,

 

 

Honored Contributor
LindsayHill
Posts: 742
Registered: ‎11-16-2011
Message 2 of 7 (341 Views)

Re: Syslog Not Listening

So far as I can tell, you need to be using ArcSight to pull in syslog messages.
CCIE 36708 | @northlandboy | lkhill.com
Occasional Advisor
askhemant
Posts: 15
Registered: ‎04-25-2012
Message 3 of 7 (330 Views)

Re: Syslog Not Listening

I believe ArcSite is installed by default with 9.2 (though I could be wrong).  If I go to Configuration-> Incidents-> Syslog Message Configurations I see the different syslog events and the author is HPArsight.  Does this mean its installed?

Honored Contributor
LindsayHill
Posts: 742
Registered: ‎11-16-2011
Message 4 of 7 (322 Views)

Re: Syslog Not Listening

No, it just means the incident configuration is present. It doesn't mean that ArcSight is installed.

CCIE 36708 | @northlandboy | lkhill.com
Respected Contributor
mostafa_hassan
Posts: 287
Registered: ‎12-11-2011
Message 5 of 7 (317 Views)

Re: Syslog Not Listening

but NNM can recieve Syslog messages from Devices without using Arcsight , i used that to recieve Cisco Syslog Messages ,

 


Askhemant, what operating system u r using for NNM ?!

 

 

All the best .
Saying Thanks by hitting Kudos :)

Regards
Mostafa Hassan
HP AIS NNM-NA-OO
CCNA-CCNP-ITIL-VCA-Cloud-VCA DataCenter
Occasional Advisor
askhemant
Posts: 15
Registered: ‎04-25-2012
Message 6 of 7 (299 Views)

Re: Syslog Not Listening

Sorry about the delay, I thought I set my profile to email me with new posts to the thread.

 

I'm using Windows Server 2008 R2.  Do I have to start the process manually? 

Respected Contributor
mostafa_hassan
Posts: 287
Registered: ‎12-11-2011
Message 7 of 7 (282 Views)

Re: Syslog Not Listening

Actually i don't know , but try it to start syslog server service , and check the port is lisenting on 514

 

u can use netstat -a and check port there is active and listen or not .

 

-a Displays all active TCP connections and the TCP and UDP ports on which the computer is listening.

 

also , make sure from config part to disable the option discard unresolve traps :

 

 

All the best .
Saying Thanks by hitting Kudos :)

Regards
Mostafa Hassan
HP AIS NNM-NA-OO
CCNA-CCNP-ITIL-VCA-Cloud-VCA DataCenter
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.