BigIP version 10 and logs to remote syslog server

Can you confirm if your syslog setting is set properly. Dont have a v10 version to tell you the commands, is tmsh present in your version ?

tmsh list sys syslog

Sorry, I should've mentioned, I'm on v11, not 10. This is what I have configured:

[user@viprion:/S1-green-P:Active:In Sync] ~ tmsh list sys syslog sys syslog { remote-servers { remotesyslog1 { host x.x.x.x } remotesyslog2 { host y.y.y.y } remotesyslog3 { host z.z.z.z } remotesyslog4 { host a.a.a.a } remotesyslog5 { host b.b.b.b } remotesyslog6 { host c.c.c.c } } }

The port isn't showing up here but in the GUI its showing as 514

Do you have the routes set for the syslog servers,

tmsh list sys management-route

And search your syslog servers in it.

Yes I do, the two missing are sitting on the same subnet as the mgmt interface so they're not required:

They're all configured as /32 host routes, the default 0.0.0.0/0 uses the same gateway as the other /32s

[user@viprion:/S1-green-P:Active:In Sync] ~ tmsh list sys management-route sys management-route ArcSight { gateway [GATEWAY] network a.a.a.a/32 } sys management-route SYSLOG2 { gateway [GATEWAY] network c.c.c.c/32 } sys management-route SYSLOG1 { gateway [GATEWAY] network y.y.y.y/32 } sys management-route PRTG { gateway [GATEWAY] network x.x.x.x/32 } sys management-route default { description configured-statically gateway [GATEWAY] network default }

Interesting, have you also followed through this article already.

Yes mate, followed that as well. Got stuck at the final step:

Using the tcpdump utility to verify that syslog traffic is sent by the BIG-IP system

When manually generating a syslog message, nothing gets sent out to any configured syslog servers. Thought I'd ask the question to see if anyone else has had a similar problem before getting in touch with tech support.

Any thoughts from anyone?