cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post
Level 7

Kiwi Syslog not receiving any message

Hello,

I just installed Syslog on a Windows 8 VM (ESXi 5.5).

However... I don't received any message from the router (Cisco RV042G) I want to log.

I tried the generic troubleshhoting :

• Check network connectivity by pinging from the sending device to the Syslog Server machine  => OK
• Check only one instance of Kiwi Syslog Server is running (Ctrl-Shift-Esc to get the task-list) => OK, only one
• Disable any personal firewall software such as ZoneAlarm or BlackIce => Disabled

• Use a sniffer to check if messages from the routing are reaching the PC => Yes, I can see them
• Check DNS resolution is working as expected by pinging a hostname from the Command Prompt => OK
• Check that there is a "Display" action setup for the facility and level you are expecting to receive messages on. => OK
• Send a test message to yourself by pressing Ctrl+T => Displayed
• Download a copy of the Free Syslog Server Message Generator (SyslogGen) from: www.kiwisyslog.com/downloads => Done
• Install SyslogGen and set it to send a message every second to the address 127.0.0.1 (local host). => Not displayed, and I don't see them in a local packet capture.
• Try sending messages with SyslogGen from another machine to the host running the Syslog Server => Not displayed, but see them on a packet capture (on Syslog PC)

Do you have any idea about the cause of this issue ?

Thanks in advance for your help.

0 Kudos
14 Replies
Level 7

This doesn't appear to be available in version 9.6.7.1, as I am having the same issue. But it seems to be missing the IP input fields.

I followed this article.

Success Center

Any suggestions?

Version 9.6.7.1

pastedImage_0.png

Prev Versions:

Is the bottom view not the FREE Version and the top new the Trial Eval version? The free version only gives you 5 devices and so you have to specify the devices it will listen for.

The TRIAL Evaluation version doesnt give you that option?

0 Kudos

I am having the same problems.  What is the sending device and where do I find the IP address I need to add to Kiwi Syslog Setup?

0 Kudos
Level 15

0 Kudos
Level 7

I just spent the afternoon troubleshooting the same issue.  The answer is stupid simple, it just needs to be documented in Help and Forums.

I would guess this applies to the Free Version only, as there is a 5 device limit, and it appears that those devices have to be explicitly enumerated in "Inputs"

Add the IP address of the sending device to the list titled "Receive messages from the below IP addresses".

I hate to resurrect a 2 year old post, but thanks Metz for pointing this out.  I had the same issue and this fixed it.

0 Kudos

Thanks for the feedback, metz.

I'll make sure the 5-device limit of the free version is better communicated.

Regards,

Jiri

0 Kudos
Level 15

Are you seeing syslogs from any devices in Kiwi Syslog server on this system?

0 Kudos

I have only 1 source of logs.

Yesterday, I tried to install Kiwi on another PC (not a VM), and I have the same result.

No log registered from the router (but I can see the packets with a sniffer), and I don't receive local messages from SyslogGen (local or remote).

And, of course, the Windows Firewall had been disabled.

I think I missed something in the Syslog configuration.

Is theresomething specific to configure after installation (on the Syslog side) ?

0 Kudos

From a Windows command prompt run the following command:

netstat -aop udp

Next check in task manager to see which application is listening on port 514 by checking the PID.

0 Kudos

The answer is : Syslogd_Service.exe

Same result with SyslogGen : nothing...

0 Kudos

If Kiwi Syslog is running as a service, restart the service and then test to make sure it is still listening on port 514.

0 Kudos

Done and checked (Ping the service and Show service state  => OK).

But still unable to receive any log message from SyslogGen. 

0 Kudos

Have you tried sysgen on the Kiwi Syslog server?

0 Kudos