Overview
When configuring Remote Log Sinks to transfer Exinda logs onto the Syslog server, the logs are not being received.
The remote server is reachable through Ping from Exinda WebUI > Configuration > System > Tools.
However, the remote server's application, in this case, EventLog Analyzer, is not showing the Exinda events.
This article provides details on how to investigate the common problems with the remote Syslog server.
Information
By default, the syslog server communicates over port 514. Make sure the port on the server is open and not blocked by the firewall.
Some 3rd-party applications might use non-standard (custom) ports for Syslog monitoring. If that is the case, ensure that port is open and the packets are not being dropped by the firewall.
To rule out issues with the 3rd-party application, you can install the standard rsyslog tool on a Linux server. Once the setup process is done, you will be able to monitor Exinda logs by running the command sudo tail -f /var/log/messages
It is recommended to lower the level of the traps to Notice, since events at that level are easy to trigger, for example by logging in to the Exinda WebUI or restarting the Optimizer, as shown in the above image.
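To check whether the appliance's packets reach the server at all, independently of the 3rd-party application or rsyslog, a minimal listener can be bound to the syslog port and left running while a Notice-level event is triggered. The script below is an added example, not part of the original article or of any Exinda tooling. It assumes the appliance sends syslog over UDP and that no other service is currently bound to the port; the file name sink_check.py is hypothetical.

```python
import socket
import sys

# Severity names by syslog severity code (PRI value modulo 8); Notice is 5.
SEVERITIES = ["Emergency", "Alert", "Critical", "Error",
              "Warning", "Notice", "Informational", "Debug"]

def parse_pri(datagram):
    """Decode the leading <PRI> of a syslog datagram.

    Returns (facility, severity_name, message), or None when the header is
    missing or out of range (PRI must be 0..191).
    """
    end = datagram.find(b">", 1, 5)          # PRI is 1-3 digits after "<"
    if not datagram.startswith(b"<") or end == -1:
        return None
    digits = datagram[1:end]
    if not digits.isdigit() or int(digits) > 191:
        return None
    pri = int(digits)
    message = datagram[end + 1:].decode("utf-8", errors="replace").strip()
    return pri // 8, SEVERITIES[pri % 8], message

def listen(sock, expected_sender=None, max_packets=None):
    """Print and collect datagrams arriving on an already-bound UDP socket."""
    seen = []
    while max_packets is None or len(seen) < max_packets:
        data, (addr, _port) = sock.recvfrom(8192)
        if expected_sender and addr != expected_sender:
            continue                          # ignore other syslog senders
        parsed = parse_pri(data)
        seen.append((addr, parsed))
        print(addr, parsed if parsed else "no valid <PRI>: %r" % data[:60])
    return seen

if __name__ == "__main__":
    # Usage (assumed): sudo python3 sink_check.py [appliance-ip] [port]
    sender = sys.argv[1] if len(sys.argv) > 1 else None
    port = int(sys.argv[2]) if len(sys.argv) > 2 else 514
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.bind(("0.0.0.0", port))            # port 514 needs root and must be free
        print("waiting for syslog datagrams on UDP port", port)
        listen(s, sender)
```

If nothing is printed after logging in to the WebUI, the packets are being dropped before they reach the server; if lines appear here but not in the 3rd-party application, the problem is in that application's configuration.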