After configuring your devices and installing NetVizura EventLog you should verify that:
Devices are exporting syslog and trap messages to the same port that NetVizura EventLog is listening to.
Messages are passing the network firewall and reaching the NetVizura Server
NetVizura Server Ports to which syslog and trap messages are sent is open
By default, syslog messages are exported from the devices to port 514, while NetVizura listens on the port 33514 in Linux systems and on the port 514 in Windows systems. If you use Linux systems, you need to (1) redirect syslog messages to the 33514 on NetVizura server, (2) export syslog messages to 33514 from device, or (3) change NetVizura EventLog configuration. Same applies to trap socket port. |
On Linux systems ports lower than 1024 can not be used by application, unless the root privileges are given to NetVizura EventLog. |
To change NetVizura EventLog configuration go to > Settings > EventLog Settings > Configuration and under Service options change the Socket port values.
Now is a good time to check if the system is working properly.
To do so, follow these steps:
Check the system for warnings or errors.
Click on the Show log arrow (in the bottom right corner). Any warnings or errors will be displayed as well as the instruction to resolve them.
Finally, check if the event logs are available
Go to Syslog/SNMP Trap tab. Logs should be shown on the graphs, this is a verification that the log data has been collected by the EventLog Collector.