Forum Discussion
Dave_20206
Nimbostratus
Nimbostratusconfig sync and syslog-ng
I am having a problem with syslog and config sync. Config sync is sending/pulling the remote-servers name and removing the local-ip I have configured on the local device.
Platform Name = BIG-IP 3600
Software Version = BIG-IP v11.1.0 (Build 2027.0)
I have added the below and I se traffic going oout the desired interface.
config tcpdump port 514
tcpdump: WARNING: eth0: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 96 bytes
11:41:07.942890 IP 192.186.1.100.52793 > 10.10.10.10.syslog: SYSLOG local6.info, length: 176
11:41:07.942915 IP 192.186.1.100.52793 > 10.10.10.10.syslog: SYSLOG local6.info, length: 193
11:41:13.948280 IP 192.186.1.100.52793 > 10.10.10.10.syslog: SYSLOG local6.info, length: 176
11:41:13.948328 IP 192.186.1.100.52793 > 10.10.10.10.syslog: SYSLOG local6.info, length: 193
11:41:14.603684 IP 192.186.1.100.52793 > 10.10.10.10.syslog: SYSLOG daemon.debug, length: 98
^C
5 packets captured
8 packets received by filter
0 packets dropped by kernel
The boxes have multiple firewalled self IP adresses and I must have the syslog go out through the mgt. interface(10.10.10.10).
BIP1
sys syslog {
remote-servers {
BIP1 {
host 10.10.10.10
local-ip 192.186.1.100
}
}
}
BIP2
sys syslog {
remote-servers {
BIP2 {
host 10.10.10.10
local-ip 192.186.1.101
}
}
}
etc/syslog-ng
Until I "config Sync" and then end up with this which bnreaks it.
list /sys syslog remote-servers
sys syslog {
remote-servers {
CSCBIPNDCNPS1 {
host 10.10.10.10
}
}
}
I looked at the /usr/libdata/configsync/cs.dat file and do not see /etc/syslog-ng in the file.
1 Reply
Try using this solution:
http://support.f5.com/kb/en-us/solutions/public/13000/000/sol13083.html
Emphasis on the part:
modify /sys syslog remote-servers add { {host remote-port }}
For example:
modify /sys syslog remote-servers add {server{host 10.1.1.1 remote-port 514}}
