Hi,
I see that nxlog doesn't support IPv6. Are you aware of any Windows log senders that do?
What other IPv6 issues are known? Just about everything in our network is supposed to be on IPv6, but a few hosts will be IPv4.
Log server and IPv6
Re: Log server and IPv6
syslog-ng and rsyslog should both support ipv6 in some form or another. I don't think anything special needs to be done with the rsyslog configurations, but syslog-ng has the tcp6() and udp6() destination modules specifically for that purpose. If you know a specific machine *should only* be using ipv6, you can force rsyslog into using ipv6 exclusively as a safety measure.
We haven't done extensive testing in big ipv6 environments, and i've only ever seen one setup in production where the bulk of their communications were on ipv6, but I was able to send logs over ipv6 with rsyslog and syslog-ng from both a Linux box and a Windows box without too many issues. Both rsyslog and syslog-ng can be a bit touch-and-go when setting them up in a Windows environment though.
We haven't done extensive testing in big ipv6 environments, and i've only ever seen one setup in production where the bulk of their communications were on ipv6, but I was able to send logs over ipv6 with rsyslog and syslog-ng from both a Linux box and a Windows box without too many issues. Both rsyslog and syslog-ng can be a bit touch-and-go when setting them up in a Windows environment though.
Former Nagios employee
https://www.mcapra.com/
https://www.mcapra.com/
Re: Log server and IPv6
Yes, I've read about mixing v4 and v6 and problems, that makes sense.
I'm not sure what big is, but this is ~125-150 hosts.
So you used the Windows rsyslog from Adiscon for the windows rsyslog agent? If not which product?
Keep in mind, I require support, so a pure open source solution is a problem...
I'm not sure what big is, but this is ~125-150 hosts.
So you used the Windows rsyslog from Adiscon for the windows rsyslog agent? If not which product?
Keep in mind, I require support, so a pure open source solution is a problem...
Re: Log server and IPv6
Correct, but it's worth mentioning this agent is not strictly "free" though i'm not sure what limitations exist for the trial version. You'd have to do a bit of research into that.gormank wrote:So you used the Windows rsyslog from Adiscon for the windows rsyslog agent?
On the plus side, setting it up was vastly easier than setting up syslog-ng and NLog.
I didn't have to anything more sophisticated than use the NLS machine's ipv6 address like so:
Which lead to the following result for my eventlog entries (i'm not applying any sort of proper filtering here):
You do not have the required permissions to view the files attached to this post.
Former Nagios employee
https://www.mcapra.com/
https://www.mcapra.com/
Re: Log server and IPv6
Actually, I'm looking for a not free product so I at least in theory get support to satisfy a management requirement...
This looks great.
Thanks!
This looks great.
Thanks!
Re: Log server and IPv6
Sure thing! Any other questions regarding agents or ipv6 related items?
Former Nagios employee
https://www.mcapra.com/
https://www.mcapra.com/
Re: Log server and IPv6
No, you can close.
Thanks!
Thanks!