HPE Community
Operating System - HP-UX
1824471 Members
3373 Online
109671 Solutions
New Discussion юеВ

Remote syslog to an Orion server

 
Sean OB_1
Honored Contributor

тАО06-29-2005 03:22 AM

тАО06-29-2005 03:22 AM

Remote syslog to an Orion server

Howdy,

I have a client that has setup a syslog server on their Orion box.

They want to send HPUX syslogs to this server.

So I've setup the syslog.conf as follows:

# @(#)B.11.11_LR
#
# syslogd configuration file.
#
# See syslogd(1M) for information about the format of this file.
#
mail.debug /var/adm/syslog/mail.log
*.info;mail.none /var/adm/syslog/syslog.log
*.alert /dev/console
*.alert root
*.emerg /dev/console
*.debug @nnn.n.nn.n
*.notice @nnn.n.nn.n
*.info @nnn.n.nn.n
*.emerg @nnn.n.nn.n
*.alert @nnn.n.nn.n

where nnn.n.nn.n is the IP of their orion server.

I've then stopped and restarted the syslog daemon and run a few logger commands to test it.

The logger commands show up brilliantly in the local syslog but so far have not shown up on the orion machine, although they do have cisco syslogs going to that machine.

Any ideas on what I can check on to see where the problem lies?

TIA and points for all responses.

Sean

0 Kudos
Reply
4 REPLIES 4
D Block 2
Respected Contributor

тАО06-29-2005 03:41 AM

тАО06-29-2005 03:41 AM

Re: Remote syslog to an Orion server

Sean,

can you do some network detection of the out going (or incoming) packets using TCPDUMP on both servers ?

run the logger, and then monitor packets in another window using TCPDUMP.


Golf is a Good Walk Spoiled, Mark Twain.
0 Kudos
Reply
Sean OB_1
Honored Contributor

тАО06-29-2005 04:06 AM

тАО06-29-2005 04:06 AM

Re: Remote syslog to an Orion server

tcp dump show no outbound traffic to the orion server other than responses to snmp queries from the orion server.

0 Kudos
Reply
D Block 2
Respected Contributor

тАО06-29-2005 04:14 AM

тАО06-29-2005 04:14 AM

Re: Remote syslog to an Orion server

Sean,

so it sounds like orion is not listening/receiving the snmp messages.

any firewalls in between, does orion trust you?

can you test something out here: (do you have a server that has 'snmpwalk', maybe a linux) ?

snmpwalk -c public system
Golf is a Good Walk Spoiled, Mark Twain.
0 Kudos
Reply
Sean OB_1
Honored Contributor

тАО06-29-2005 04:21 AM

тАО06-29-2005 04:21 AM

Re: Remote syslog to an Orion server

The orion machine talks snmp fine with this server. I can snmpwalk the orion machine using the read community string.

I see snmp queries from orion and the responses from this server.

But I don't see any outbound traffic other than snmp. Shouldn't I see outbound from this server to port 514 on the orion server?
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.