Nagios Support Forum

Hi cdienger

Following your last suggestion. Here is what the wireshark pcap data looked like. Please advice

Thanks,
Ali

What changes do I need to make in order to resolve this issue. Do I have to make any input config changes/ output config changes in NLS ? Or the is it the job of the SIEM to parse the correct log source IP ?

Thanks,
Syed

Please find the attached information ( Input config & Event Fields). I do see a host field in the Dashboard .
Input config NLS Thanks,
Syed

Hi Cdienger, Thank you for your response. Currently we are forwarding all applications and authentications logs from various application. In NLS we do see the source IP/hostname that's sending the logs to NLS. However when the logs are forwarded to SIEM the source IP for the logs shows the IP of NLS...

Hi All, We are in the process of forwarding our logs from NLS to a log collector Housed in the dmz Network that forwards logs to the SIEM. We have configured output in the global configuration to forward syslogs from NLS to the log collector. We see raw log coming in to SIEM with log source as NLS s...

Hi Support Team, We've encountered an error in our Nagios log server where in the server is not receiving logs from sources. What I 've tried so far: 1) checked the config file /etc/rsyslog.d/99-nagioslogserver.conf the entry shows *.*localhost:5544 2) checked if Firewall is not blocking the traffic...