Setting up McAfee EPO to send syslogs to Nagios Log Server

Post by klg

I am attempting to set up syslog forwarding from the McAfee ePolicy Orchestrator to my Log Server. I have followed the steps outlined in this document (https://assets.nagios.com/downloads/nag ... th-SSL.pdf), verified and applied the steps successfully. However, when I log into EPO, set up the forwarding, and click on "Test Connection", it says connection failed. Is there a step I am missing?

Re: Setting up McAfee EPO to send syslogs to Nagios Log Serv

Post by ssax

Please SSH into the Log Server system and install tcpdump:

    yum install tcpdump

Then run this command and leave it running:
- Change X.X.X.X to the IP of your EPO server

    tcpdump -nni any host X.X.X.X

Now do the EPO test again. Do you see any packets in the tcpdump output? If not, it's being blocked by something in between, such as a firewall/IPS/proxy/security device.

Is the EPO server a Windows or Linux system?
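
One way to read the capture from the tcpdump step above, as an added example that is not part of the original thread: a shell function that summarises the saved tcpdump output for the EPO address. It goes beyond the "no packets" case named in the reply and also separates unanswered SYNs, resets and an answered handshake; the function names, the 192.0.2.x addresses and port 6514 are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarise `tcpdump -nn` text output for one peer (IPv4, TCP).
# Real use: save the tcpdump output to a file, then run
#   classify_capture X.X.X.X < capture.txt

classify_capture() {
    # $1 = IP of the EPO server; capture text is read from stdin
    awk -v epo="$1" '
    function host(addr,   p) {
        sub(/:$/, "", addr)                       # drop trailing colon
        if (split(addr, p, ".") == 5)             # a.b.c.d.port -> a.b.c.d
            sub(/\.[0-9]+$/, "", addr)
        return addr
    }
    {
        for (i = 2; i < NF; i++) if ($i == ">") break
        if (i >= NF) next                         # not a packet line
        src = host($(i - 1)); dst = host($(i + 1))
        if (src != epo && dst != epo) next        # unrelated traffic
        seen++
        flags = ""
        for (j = i; j < NF; j++) if ($j == "Flags") { flags = $(j + 1); break }
        if (src == epo && flags ~ /^\[S\]/)   syn++      # connection attempt
        if (dst == epo && flags ~ /^\[S\.\]/) synack++   # listener answered
        if (dst == epo && flags ~ /R/)        rst++      # reset sent back
    }
    END {
        if (!seen)       print "no-packets"          # blocked before this host
        else if (rst)    print "refused"             # no listener, or a reject rule
        else if (synack) print "handshake-answered"  # TCP works; check TLS settings
        else if (syn)    print "syn-unanswered"      # arrives, then dropped locally
        else             print "other-traffic"
    }'
}

# Constructed sample capture (not from the thread): EPO at 192.0.2.10,
# Log Server at 192.0.2.20, plus one unrelated SSH packet.
sample_capture() {
    cat <<'EOF'
12:00:00.900000 IP 192.0.2.30.40000 > 192.0.2.20.22: Flags [P.], seq 1:37, ack 1, win 501, length 36
12:00:01.000001 IP 192.0.2.10.51000 > 192.0.2.20.6514: Flags [S], seq 100, win 64240, length 0
12:00:01.000050 IP 192.0.2.20.6514 > 192.0.2.10.51000: Flags [R.], seq 0, ack 101, win 0, length 0
EOF
}

sample_capture | classify_capture 192.0.2.10
```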