After configuring your devices and installing NetVizura EventLog you should verify that:
Devices are exporting syslog and trap messages to the same port that NetVizura EventLog is listening to.
Messages are passing the network firewall and reaching the NetVizura Server
NetVizura Server Ports to which syslog and trap messages are sent is open
On this page:
By default, syslog messages are exported from the devices to port 514, while NetVizura listens on the port 33514 in Linux systems and on the port 514 in Windows systems. If you use Linux systems, you need to (1) redirect syslog messages to the 33514 on NetVizura server, (2) export syslog messages to 33514 from device, or (3) change NetVizura EventLog configuration. Same applies to trap socket port.
On Linux systems ports lower than 1024 can not be used by application, unless the root privileges are given to NetVizura EventLog.
To change NetVizura EventLog configuration go to >Settings > EventLog Settings > Configuration and under Service options change the Socket port values.
Checking the System
Now is a good time to check if the system is working properly.
To do so, follow these steps:
Check if the Collection port is set properly To see the Collection port number, go to >Settings > EventLog Settings > Configuration tab, and you will find the Service socket port field. Collection port number must match with the port number your network devices are logging events to.
Make sure data is collected Go to Syslog/SNMP Trap > System tab. Naturally, it is required that NetVizura server and exporters have network connectivity.
Check the system for warnings or errors. Click on the Show log arrow (in the bottom right corner). Any warnings or errors will be displayed as well as the instruction to resolve them.
Finally, check if the event logs are available Go to Syslog/SNMP Trap tab. Logs should be shown on the graphs, this is a verification that the log data has been collected by the EventLog Collector.