[rsyslog-notify] Forum Thread: Re: Rsyslog 5.8.10 - UDP issue - (Mode 'reply')
noreply at adiscon.com
noreply at adiscon.com
Wed Feb 11 22:20:00 CET 2015
User: dlang
Forumlink: http://kb.monitorware.com/viewtopic.php?p=25245#p25245
Message:
----------
If you are seeing data on tcpdump that isn't getting into any file, start
by checking that you don't have any filters that are blocking it.
Add:
*.* /var/log/debugfile;RSYSLOG_DebugFormat
up at the top of your outputs (to make sure nothing is throwing anything
away)
If this shows the log, then the problem is your filters.
If this is not showing the log, then the message isn't getting to rsyslog.
You could have iptables filters that are blocking the traffic and still
have it show up in a tcpdump.
One odd case I ran into once was that the receiving system had to have a
route to the sending system's IP address (it doesn't matter if the route is
actually correct), or the OS will throw away the packet. Since there are
not a lot of systems that don't have a default route, this is a very
unusual corner case, but it's an example of what can happen.
Can you provide more details of what's happening and what your config is?
More information about the rsyslog-notify
mailing list