Nagios Support Forum

N9k Syslog config :
logging server x.x.x.x 7 port 5544 use-vrf management
logging source-interface mgmt0

After configuring N9k with above configuration, NAGIOS Log server is not seeing any logs.

The NAGIOS Log server has the port 5544 open and below is the firewall config on the server :

public (active)
target: default
icmp-block-inversion: no
interfaces: eth0
sources:
services: dhcpv6-client ssh
ports: 80/tcp 443/tcp 9300-9400/tcp 3515/tcp 5544/tcp 2056/tcp 2057/tcp 5693/tcp 5544/udp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:

[admin@Syslog-150 ~]$ netstat -nal | grep 5544
tcp6 0 0 :::5544 :::* LISTEN
tcp6 0 0 9.9.150.150:9300 9.9.39.121:45544 ESTABLISHED
tcp6 0 0 9.9.39.121:45544 9.9.150.150:9300 ESTABLISHED
tcp6 0 0 ::1:5544 ::1:42544 ESTABLISHED
tcp6 0 0 ::1:42544 ::1:5544 ESTABLISHED
udp 0 0 0.0.0.0:5544 0.0.0.0:*
udp6 0 0 :::5544 :::*

Please help me with the above issue..

I'd guess you need to do a tcpdump on the log server while watching the logging on the N9k. You may want to verify that the host can ping NLS and verify the port is open to NLS from the remote host point of view.

the N9k can ping the NLS. I am not able to do a tcpdump from NLS. Below is the output when I perform tcp dump

tcpdump src host x.x.x.x and tcp dst port 5544 and dst host x.x.x.x
tcpdump:

No traffic is seen

Is the N9k sending UDP or TCP?
Since ping works, it seems the port is blocked somewhere in between.