Cacti (home)ForumsDocumentation
Cacti: offical forums and support
It is currently Fri Mar 24, 2017 7:25 am

All times are UTC - 5 hours




Post new topic Reply to topic  [ 2 posts ] 
Author Message
 Post subject: Not able to collect logs from network switch to syslog
PostPosted: Fri Mar 17, 2017 1:28 am 
Offline

Joined: Thu Mar 16, 2017 1:48 pm
Posts: 2
I am not able to collect logs from network switch to syslog. I am using Ubuntu 14.04 with Cacti 0.8.8h.
I have all the devices added with graphs working , however nothing is being populated in syslog plugin view for network swithces connected in our netowrk. I can add windows and linux boxes though.
I have tries using rsyslog,syslog-ng and snmptt but nothing works.
In switches we have alredy enabled snmp and snmptrap and added the IP for cacti server as syslog server.
I have also followed below URLs:
https://ubuntuforums.org/showthread.php?t=1826166

Note, We are using MRTG community, SNMP v2 for connection to all switches. Whereas for linux client boxes, I simply added IP for cacti in rsyslog.conf flie and I was able to see the logs in syslog tab in CACTI.
For us it is really importatn to capture switch logs, else management would not like to continue with CACTI.
Please cacti experts, help me !!! :o

root@cacti:~# netstat -a |grep syslog
udp 0 0 *:syslog *:*
udp 0 0 *:syslog *:*
unix 2 [ ACC ] STREAM LISTENING 368825 /var/lib/syslog-ng/syslog-ng.ctl
unix 2 [ ACC ] STREAM LISTENING 3003613 /var/lib/syslog-ng/syslog-ng.ctl
root@cacti:~#


Top
 Profile  
 
 Post subject: Re: Not able to collect logs from network switch to syslog
PostPosted: Sat Mar 18, 2017 6:20 am 
Offline

Joined: Thu Mar 16, 2017 1:48 pm
Posts: 2
This is my current status on syslog-ng recieving status...
root@cacti:/etc/syslog-ng# netstat -ntulp "pipe" grep ":514"Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 35262/sshd
tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 50209/mysqld
tcp6 0 0 :::80 :::* LISTEN 50536/apache2
tcp6 0 0 :::22 :::* LISTEN 35262/sshd
udp 0 0 127.0.0.1:161 0.0.0.0:* 42498/snmpd
udp 0 0 0.0.0.0:47386 0.0.0.0:* 42498/snmpd
udp 0 0 0.0.0.0:514 0.0.0.0:* 8543/syslog-ng
udp 0 0 0.0.0.0:514 0.0.0.0:* 7520/syslog-ng
root@cacti:/etc/syslog-ng#

We also dont have any firewall in between...

root@cacti:/etc/syslog-ng# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
root@cacti:/etc/syslog-ng# iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target prot opt source destination

Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination

Chain POSTROUTING (policy ACCEPT)
target prot opt source destination

oot@cacti:~# lsof -i :162
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
snmptrapd 9784 root 9u IPv4 3054505 0t0 UDP *:snmp-trap
root@cacti:~#


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 

All times are UTC - 5 hours


Who is online

Users browsing this forum: Google Adsense [Bot], Rno and 7 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  

Protected by Anti-Spam ACP Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group