MikroTik

Posted: **Wed Jan 23, 2013 11:56 pm**

Hello professionals,
I want to log the system messages to an external syslog server.
After installing a Snare BackLog server on one machine (192.168.149.112)
and adding a new LogAction at System/Logging with Type remote,
Remote Address 192.168.149.112 and Remote Port 514...
... there are no log messages received by the Snare BackLog server.

What was my mistake here?

Thanks a lot and best regards, Mike.

Posted: **Thu Jan 24, 2013 4:45 am**

better u should have some capture/attachment..

Posted: **Thu Jan 24, 2013 9:12 am**

After installing a Snare BackLog server on one machine (192.168.149.112)
and adding a new LogAction at System/Logging with Type remote,
Remote Address 192.168.149.112 and Remote Port 514...
... there are no log messages received by the Snare BackLog server.

What was my mistake here?

Does the firewall on 192.168.149.112 allow incoming traffic on udp 514?

Posted: **Thu Jan 24, 2013 10:03 am**

Oops, the firewall port for udp 514 was not opened

But opening the syslog port doesn't resolve the issue.
There are no messages logged in snare.

Posted: **Thu Jan 24, 2013 2:57 pm**

I was able to solve this issue.
The Dude was blocking this port. Stopping The Dude was the right solution.

Thanks a lot.

MikroTik

System logging to SysLog server

System logging to SysLog server

Re: System logging to SysLog server

Re: System logging to SysLog server

Re: System logging to SysLog server

Re: System logging to SysLog server