Cannot get any UDP/514 syslogs in

[itdomusfi]

(sorry a newbie question, but I've searched and tried every piece of advice and documentation I could find with no luck)
Basicly I cannot get any UDP/514 syslogs in???

My infilter looks like:
syslog {
type => 'network'
port => 514
}
also tried
udp {
type => 'syslog'
port => 514
}

eg. my (procurve) switch syslog config is
Syslog Configuration

Syslog Facility : syslog
Syslog Severity : debug
Syslog System Module : all-pass
Syslog Priority Description :

Syslog Server Details

Syslog Server Address L4 Port Syslog Control Descr
----------------------------------- --- ------ --------------------
192.168.xxx.yyy UDP 514

also tried:
Syslog Configuration

Syslog Facility : user
Syslog Severity : debug
Syslog System Module : all-pass
Syslog Priority Description :

Syslog Server Details

Syslog Server Address L4 Port Syslog Control Descr
----------------------------------- --- ------ --------------------
192.168.xxx.yyy UDP 514

I've configured LS to be able to use ports <1024 as well as user root user to allow privileged ports
Also the network is fine - there is a policy to allow UDP/514 to/from client to syslogserver

=> but STILL I cannot see any logsources that use UDP/514 (unfortunately we have many devices that we cannot configure to use any other than UPD/514)

more clues/guessing below:
Configuration setup for networking devices is still showing only port 5544???
Log Server IP/Hostname TCP/UDP Port
nagioslog.domus.dom 5544

Configuration section is showing: ONLY tcp6 and UDP6???
Logstash is currently collecting locally on: 192.168.xxx.yyy tcp6: 3515, 514, 2056, 5544, 2057udp6: 5544, 514

Thanks for any help & advice!

[scottwilkerson]

To listed on privileged ports (below 1024) there is a special procedure required, see this document:

https://assets.nagios.com/downloads/nag ... Server.pdf