Solarwinds Event Log Forwarder for Windows over IPv6


i'd like to ask if anyone have an experience with the Free Solarwinds Event Log Forwarder for Windows over IPv6?
The software is installed on our Windows servers, at the moment we use it with setting "FQDN", and it works via IPv4 without issues.

We are able to select Ipv6 in the Dashboard -> syslog servers -> edit -> server address menu, but when we select Ipv6, it doesn't start any communication towards the syslog server. I have monitored the outgoing connection with wireshark, but when i select ipv6 there is no communication at all towards the Ipv6 syslog server addresses. We could generate some traffic with powershell over udp 514, which was visible in Wireshark, so it is not a firewall issue. It looks like the software stops sending logs.  

Is anyone tested or using this software over Ipv6?

thank you


  • Hello Attila, Good Day!!.

    Here you have mentioned that you are using FQDN. have you created the AAAA Record Entry in DNS manager ( on your DNS Server) ?. 

    You can also isolate the issue, by pointing the IPV6 Address instead FQDN, which will gives you a clear picture, whether the request are triggering to Targeted server.

  • Hello Bijuk,

    in DNS we have both the "A" and the "AAAA" record of the Syslog server. But it is not a DNS issue. When i change the setting from FQDN to IPv6 in the log forwarder client, i'm entering the Ipv6 address of the Logserver. In this case No DNS is involved
    I tried both the shortened IPv6 address as well as the full address (with Zeros).

  • Have you completed the following steps? 

    Choose File >> Setup (KIWI Server Setup Dialog) >> Click Inputs Node >> Enable IPV6 >> Apply/save changes

    Additional Info: 

    SNMP Traps are sent to Port 163

  • The problem is not that the server doesn't receive or doesn't process the data. The problem is that the client doesn't send anything. As i wrote above, i do monitoring with wireshark.
    Let's say i don't have a syslog server at all. I just install the Solarwinds log forwarder client on a Windows server. I just have to have an additional device with a valid IP as target so it answers with a valid MAC and communication can start (no application is installed on the target at all), and the Solarwinds Log forwarder is already sending the data (with Ipv4 setting).  Yes it is sending it to oblivion, but it is sending it. So it works without having any syslog server. As soon as i change to Ipv6 in the client, also having a valid ipv6 IP as a target, The software doesn't do any communication, doesn't send any data.  
    Like this I think it doesn't matter what i configure on the syslog server side. I need to make the client work.

    I would focus on my original question: Does anyone have an experience with the Free Solarwinds Event Log Forwarder for Windows over IPv6. Could anyone make it work? :) 

  • Is it Possible to find any reason from the logs file? 



    Default path:-

    C:\Program Files (x86)\SolarWinds\SolarWinds Event Log Forwarder for Windows


  • Thanks for the suggestion
    I also found these logfiles, unfortunately they are not very helpful Disappointed

    Logforwarder.log contains only one message multiple times:

    System Default Language Id: 1033

    LogForwarderService contains the following two messages multiple times

    SolarWinds Event Log Forwarder for Windows; Service Started.
    Configuration File Reloaded at 1/12/2023 6:25:31 AM

    This is all the info in the logfiles. There is one more logfile

    "DEBUG MainWindow Close App", "DEBUG MainWindow Application started"  -> with these messages only