Hey,
I am trying to set up a syslog-ng server on Linux (not in domain) and send the logs to a domain joined PRTG server on a device probe. (It's just default settings at the moment).
The problem is that I keep getting connection refused (111) from the syslog-ng server and when I run nmap on the prtg destination, I don't see port 514 as open, even though it should be running.
However when I run netstat -anob on the Windows machine with the Device probe I can see something is using the port, even when I tested with another port, that also came up.
I have checked Microsoft Firewall and Firewalld on Linux, but there should be nothing blocking the ports.
So I am kind of stumped as to what to do next, I tried watching the video they provided but there it just works without a hitch.
Is it because that the machine NEEDS to be in the domain, before prtg even wants something to do with it or am I missing something?
Article Comments
Dear hanz301,
Thank you very much for your contact and please apologize the long delay on this.
Please allow me to review your current setup and result of the sensor. For this, please upload a full-screen screenshot that covers the Overview and Settings tab of the Syslog sensor.
Please re-view the syslog-ng configuration once more and make sure that the connection to PRTG is UDP not TCP. Last but not least allow me to ask what PRTG version you are currently running?
Thank you very much in advance.
Sebastian
Feb, 2019 - Permalink
Hello, thanks for coming back to me.
I fixed it with much frustration, the fix was indeed UDP. But I also had to put the receiver on a local probe, before it actually wanted to pick up the messages.
Feb, 2019 - Permalink
Hello hanz301,
Thank you very much for your feedback. I'm glad to read that you was able to find a solution.
Best regards,
Sebastian
Feb, 2019 - Permalink
Is there no one that has had this setup before? TCPView also says that it is there running on the probe, but it's not listening
Feb, 2019 - Permalink