cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post

Syslog critical messages not showing ?

Jump to solution

We are seeing an issue with seeing Sev5 alerts coming from devices that are sending error messages to the logging database. 

specifically, we are looking for OSPF neighbor state changes that we see going out on packet cap, but they don't seem to make it to the database, although other messages are. 

Could we be filtering them out in some way that we don't see ?

Labels (2)
Tags (2)
0 Kudos
1 Solution

Found that the Neighbor state change syntax we had in a filter allowing some Notice messages was incorrect for what Solarwinds was pulling into Syslog Viewer. Unfortunately, I figured this out on my own, Solarwinds was unable to help.

 

View solution in original post

0 Kudos
3 Replies
Is the router configured to send severity 5 (notice) syslog messages to Orion, and are you seeing other syslog messages from this router in Orion?
0 Kudos

It is. We've confirmed they are going out in packet caps.

 

Actually on a call with support right now, figuring this out, hopefully.

0 Kudos

Found that the Neighbor state change syntax we had in a filter allowing some Notice messages was incorrect for what Solarwinds was pulling into Syslog Viewer. Unfortunately, I figured this out on my own, Solarwinds was unable to help.

 

View solution in original post

0 Kudos