Text only | Text with Images

NetXMS Support Forum

English Support => General Support => Topic started by: Mr_Reyes on January 17, 2017, 10:45:46 PM

Title: syslog message originating from nat network
Post by: Mr_Reyes on January 17, 2017, 10:45:46 PM
Hey all

i need some tips on handling syslog messages originating from behind a nat router.

the source and host in the messages takes the routers info, but the messages contains <time><device><log event>

how can i handle these messages, so they will end up on the correct devices (i have an agent running snmp off the devices)?

i cant seem to figure out how to use the parser for this...
Title: Re: syslog message originating from nat network
Post by: Victor Kirhenshtein on January 18, 2017, 12:20:08 AM
Hi,

if syslog message contains correct device name and you have that device under same name in NetXMS, try to set server configuration parameter SyslogNodeMatchingPolicy to 1 (which means "host name then IP") and restart server.

Best regards,
Victor
Title: Re: syslog message originating from nat network
Post by: Mr_Reyes on February 10, 2017, 03:50:34 PM
here is the problem;

the string looks like this, without the hostname set...

[6d:06h:02m:45s] NEXANS-00C029260F62:Port Link Change: Link-State=100FDX, Portnumber=1, Description=TP-1, Name=<none>

first a timestamp containting the running time, then the hostname, and then the syslog message
Title: Re: syslog message originating from nat network
Post by: Victor Kirhenshtein on February 23, 2017, 07:32:11 PM
Then NetXMS server cannot match it to correct device - there are just no enough information. You can setup syslog proxy on agent behind NAT so it will receive syslog messages from original addresses and forward to NetXMS server.

Best regards,
Victor
Text only | Text with Images