Solved

syslog-ng error.

Posted on 2008-10-29
3
445 Views
Last Modified: 2013-12-16
I have configured openSuse syslog-ng to send logs to a remote windows server.
in /var/log/message file I get this error message every minute:
"Error connecting to remote host AF_INET(x.x.x.x:514) reopening in 60 seconds. "
does any body know what does it mean and how to resove it.

my entry in syslog-ng.conf
destination eventmanager { udp("x.x.x.x" port(514)); };
log { source(src); destination(eventmanager); };

there is a firewall between the client and the remote server.  

Thank you.
Abdellah
0
Comment
Question by:AbdellahT
3 Comments
 
LVL 19

Expert Comment

by:jools
ID: 22836400
Is the syslog server on the windows system accept remote connections?
0
 
LVL 7

Accepted Solution

by:
macker- earned 500 total points
ID: 22836773
Just to confirm, "x.x.x.x" is a correct and valid IP address, that you've obscured for the purposes of this question?

Have you verified that the firewall is not rejecting the packets, and that the Windows server is configured to accept them?

In Windows, you can do a basic test by opening the command prompt, and running the command "netstat -an"; you should see an entry, such as "UDP    0.0.0.0:514           *:*".  If there is no such entry, then the Windows server is not listening.

It wouldn't hurt to verify that packets are being sent out, and received.  On the Linux side, you can use tcpdump, e.g. `tcpdump -p udp port 514 and dst 1.2.3.4`, where 1.2.3.4 is the address of the Windows server, as defined in syslog-ng.conf.  Similar monitoring on the Windows side would be useful, using your favorite sniffer, if one is available and able to be run on this host.
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Centos 7 User to Start Apache, MariaDB, LDAP 5 40
is my large folder zipped corrupted 4 66
windows 7 starter missing password 21 78
linux 13 50
rdate is a Linux command and the network time protocol for immediate date and time setup from another machine. The clocks are synchronized by entering rdate with the -s switch (command without switch just checks the time but does not set anything). …
How many times have you wanted to quickly do the same thing to a list but found yourself typing it again and again? I first figured out a small time saver with the up arrow to recall the last command but that can only get you so far if you have a bi…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question