Cannot send syslog event from AIX 6.1 to RHEL Syslog server


 
Thread Tools Search this Thread
Operating Systems AIX Cannot send syslog event from AIX 6.1 to RHEL Syslog server
# 8  
Old 02-27-2018
Question

happy lunar new year to all of you Smilie i am just getting back from vacation.
I have checked with firewall team and it is getting open as expected. And syslog events still disappear on Syslog server.
I have tried to use tcpdump on AIX system and see that there is no packet sent from this AIX to Syslog server. the command i have used is: tcpdump -vv dst host <Syslog server>

There is one point that I am quite confuse: this server is operation behind a NAT. Does this affect to syslog operation?

The second thought is that the config file is getting wrong. Once i issued the command startsrc -s syslog, it say that the subsystem has started completed successfully along with syslogd PID.
however, i have read some posts and it say: The syslog.conf file MUST be configured with TAB, not space as space will be considered as a comment in syslog.conf. Is that true?

I have put space at the beginning and changed to TAB today. is there any way if i can check there is any space still left in the config file?

Really appreciate for your help.
Regards,
Michael.
# 9  
Old 02-27-2018
Quote:
Originally Posted by michael_hoang
[/B]There is one point that I am quite confuse: this server is operation behind a NAT. Does this affect to syslog operation?
Not the syslog directly, but the network connecction as a whole. Can you (for instance) do ftp, telnet, ssh or any other protocol to the destination host. Can you ping it?

Notice that - as there is a firewall in place - the firewall rules might have to be modified to allow that. My suggestion is to allow ssh-connection for testing purposes and, once this (and everything else) works, they can be removed again.

Quote:
Originally Posted by michael_hoang
is there any way if i can check there is any space still left in the config file?
If ou use the best editor there is (i am talking about vi, of course) you can enter the command:

Code:
:set list

To display tab characters as ^I, so you will see the difference. Use

Code:
:set nolist

to switch that off again. Enter ":" in command mode (this is what you are in when you start it) to get to the colon-prompt.

I hope this helps.

bakunin
This User Gave Thanks to bakunin For This Post:
# 10  
Old 02-27-2018
Run
Code:
tcpdump host <Syslog server>

to see what is being sent/received!
Also run a tcpdump on the other side!
# 11  
Old 03-01-2018
just me being silly, but I hope you are using @some.sys.log.server and not (literally) @<some.sys.log.server> as I doubt the < and > are understood correctly.

Further, you asked about default locations.

AIX only "recently" started with any logs on by default putting the aso logs in /var/log/aso/..."

My default is the directory /var/log/syslog (with /var/log as it's own filesystem).

And I also recommend using tcpdump to check that it is leaving the host, and you can see what ip addresses and port numbers are used.

Further, you might try sending messages to AIX syslogd as a different test of the internal firewall.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Syslog-ng not working not collecting logs on rhel

Hi, I need help on syslog-ng on RHEL 7.2. It is working as expected. As per configuration, it is supposed to create authlog, messages and xymessages daily in respective folder of date. But I can see only messages file and that is also not updating well. # ps -ef | grep -i syslog root 22954... (1 Reply)
Discussion started by: solaris_1977
1 Replies

2. AIX

Configure AIX server to send logs and auditing to Qradar

Hi All I need your help to configure Aix to send logs to Qradar, I did all the methods that mentioned in IBM website and no use, Plz Help,, The Logs should I receive from Aix and display in Qradar is (create user delete user changing in privileges....etc ) my skype account khaled_ly84 ... (4 Replies)
Discussion started by: khaled_ly84
4 Replies

3. HP-UX

Send Audit Events to Syslog

Hi guys, I am currently runnig hp-ux v11.3. I have enabled auditing and I am able to send the audit events to a text file in syslog format using the following command: audisp -r /var/.audit/audtrail/auditfile -P -o follow -O sync | audit_p2l > /var/adm/auditlog I am required to send the... (0 Replies)
Discussion started by: peter maisiba
0 Replies

4. Solaris

How can i send Solaris syslog loging server?

HI how can i send solaris syslog to centralized logging server? i have tried adding like below and got error: *.err;kern.debug;daemon.notice;mail.crit @172.16.200.50:5000 and the error i got in /var/adm/messages is: Jun 10 13:02:24 aresdb-new.alshaya.com syslogd: line 14:... (10 Replies)
Discussion started by: bentech4u
10 Replies

5. AIX

Send a file from AIX to PCOMM server

Hi folks, I am having an issue here.Currently, my system sends a file from AIX using CICS program to mainframe . However, Now I need to send file from AIX using CICS program or any other alternative to PCOMM server. Can anyone enlighten me !! Rgds, Targetshell (4 Replies)
Discussion started by: targetshell
4 Replies

6. AIX

Send message from AIX UNIX server

Hi, I want to send SMS from my AIX unix server. Could you please help me? US Service provider: AT & T I tried the below command but message not received. echo "test msg" | /usr/bin/sendmail -v <mobilenumber>@mobile.att.net (4 Replies)
Discussion started by: rsivasan
4 Replies

7. Shell Programming and Scripting

Send email from sendmail on AIX using exchange server as SMTP server

i am new in AIX i am trying to write a script to take a backup for specific files on server to and check error log if backup success send email to administrator , script done except for sending mail , i try to configure sendmail on aix to use our exchange server to send emails but still get error... (0 Replies)
Discussion started by: ahmed_salah
0 Replies

8. AIX

send mail configuration in AIX server

Hi All, How to configure sendmail service in AIX server ? Please tell me what all changes has to be made in sendmail.conf file. Please help in this issue to configure it. Thanks jack (1 Reply)
Discussion started by: jack00423
1 Replies

9. AIX

how to configure server to send email in AIX

Hi, anyone can guide me how to configure server to send email in AIX. My server is in a closed network, what do I need to configure and how? SMTP gateway? mail server? Thanks and best regards Solomon (4 Replies)
Discussion started by: chongkls77
4 Replies

10. UNIX for Dummies Questions & Answers

Send email to another server on AIX

I am trying to send an email to another server but i don't seem to be able to do it. I can receive mail form other servers but not send out. I am using IBM AIX 4.x Any knows whcih configuration file i need to set ? or any network port to look out for ? (1 Reply)
Discussion started by: owls
1 Replies
Login or Register to Ask a Question