[rsyslog] [basic] No remote logs getting thru

[Harry Putnam]

"Rainer Gerhards" <rgerhards at hq.adiscon.com> writes:

> Harry,
>
> I think this may contain useful information for you:
>
> http://cookbook.rsyslog.com/node13.html

From:http://cookbook.rsyslog.com/node14.html

*.*   @@192.0.2.1:10514
# if you need to forward to other systems as well, just
# add additional config lines:
*.*   @@other-server.example.net:10514

I must be missing something... (I am a novice with this) but I don't
see anything different in the suggested config from what I've already
posted in the client config.  Except it shows a second remote server
being sent logs... which I'm not trying to do.

Also what is needed in the server to make rsyslog listen to port 514?
As I've mentioned, that (server) instance of rsyslog is being started
with -t514.

I've seen nothing so far either in the stock rsyslog.conf example
configs or at: http://cookbook.rsyslog.com/node13.html to indicate
some better or more precise way to get the server to listen on 514

On the server:

  `ps wwaux' shows how the server is running:

  ps wwaux|grep rsyslog (wrapped for mail)

   root     21399  0.0  0.1  35192  1208 ?        Sl   Feb25  \
   0:00 /usr/sbin/rsyslogd -c3 -t514 -i \
   /var/run/rsyslogd.pid -f /etc/rsyslog.conf

There are no firewalls involved here... its a local network behind a
firewall router so all rsyslog traffic is only on the local side.

I'm not sure if it means anything but trying: 
  telnet server_host 514

from the client machine does fail to connect.  And the attempt does
not show up in the catchall ouput on server either.