Support Center

No syslog data received or no log files being created

Last Updated: Sep 16, 2019 01:45AM PDT
Once you have installed Fastvue Syslog, and configured your settings on the initial configuration page, you should soon see syslog sources appear on the left hand side of the web interface.

If this doesn't occur, here is a trouble shooting checklist:

1. Try browsing to the web Interface using a different browser and/or machine.
The Fastvue Syslog web interface relies heavily on Javascript. If you are browsing to the web interface using IE on the Windows Server itself, the web UI may be having issues showing you the actual content, especially if IE ESC (Enhanced Security Configuration) is enabled.

Try browsing to the web interface using Google Chrome, or the latest edition of your favourite browser.

Alternatively, access the web interface from another machine such as your local desktop. To do this, browse to http://yourserver:47279, replacing ‘yourserver’ with the name or IP of the server you installed Fastvue Syslog on.

2. Check your devices are sending syslog traffic to the correct IP
Log into the device(s) sending syslog traffic and double-check the IP address they are sending too. Ensure this is an interface on the Fastvue Syslog machine.

3. Do not send UDP Syslog over an unmanaged/public connection.
Do not send UDP syslog traffic over a connection you do not have control over, such as the public internet, as it will likely be dropped somewhere along the line. You may have more luck using TCP, but ideally, we recommend configuring a site-to-site VPN between the sending device and the Fastvue Server or network so that you have direct control over how the syslog data is routed.

4. Check Windows Firewall 
The Fastvue Syslog installation will attempt to add a firewall rule to allow incoming syslog traffic. If there was an issue doing this, or you are using a different port, add a firewall rule to allow the incoming port. Here's a PowerShell script to allow port 514:

Alternatively, disable the Windows Firewall while testing the initial setup.

5. Check for Port Conflicts
If you are running another Syslog application that is also listing on port 514, or the syslog port(s) you specified during the initial configuration, then it is likely that you have a port conflict, and Fastvue Syslog cannot access the port.

To find out whether there is a port conflict on the Fastvue Reporter machine for port 514, open a command prompt and enter:
netstat -ano | find "514"

This will list all the processes on the machine using port 514 (it may also include other processes that have a substring of 514).

Note the Process ID, and then open Task Manager and go to the Services tab. You should be able to identify the other process by looking for the matching Process ID (PID).

If there is another process listening on Port 514, the easiest solution is to edit the listening ports in Fastvue Syslog and include a unique port such as 50514, and then change the syslog port on your device sending the syslog messages (if possible) to the same port.

Alternatively, uninstall the other application listing on the syslog port and restart the Fastvue Syslog service (via services.msc).

If you're still having issues, please get in touch!

Contact Us

  • Post a Public Question
  • Email Us
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
Invalid characters found