Why rsyslog does not process log messages from remote hosts?
Issue
- The
rsyslogd
daemon is set up to receive log messages from remote clients and listening on the UDP port, which has been verified open on firewalls. - Syslog messages from clients are being received on the network interface, but
rsyslog
does not process those. -
Messages, similar to the following, are visible in
/var/log/messages
, matching IP addresses of the clients:Oct 4 08:15:43 host.example.com kernel: [26988714.572081] IPv4: martian source <server_address> from <client_address>, on dev <interface>
Environment
- Red Hat Enterprise Linux 7
- Red Hat Enterprise Linux 8
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.