Hi,
Is the remote machine another LMS Server?
Condition: Syslog Analyzer cannot connect to Remote Syslog Collector
The connection issue might be seen if TCP ports 3333 and 4444, used by the syslog collector, are blocked.
In order to resolve the issue, you can release TCP ports 3333 and 4444 and restart the syslog service.
Condition: Syslog report shows as empty.
If you see an empty report, try to configure the log rotation with the logrot tool provided by CiscoWorks.
Issues with Database
Are you able to generate reports locally?
Syslog Filter Settings
Here is the information on the results for the various combinations of filter settings:
Scenario 1:
All filters are disabled.Mode:Keep
All messages will be forwarded.
Scenario 2:
All filters are disabled.Mode:Drop
All messages will be filtered.
Scenario 3:
At least one filter is enabled.Mode:Keep
Only those syslog messages that satisfy the enabled filters will be
forwarded and all others will be filtered.
Scenario 4:
At least one filter is enabled.Mode:Drop
Only those syslog messages that satisfy the enabled filters will be
filtered and all others will be forwarded
Lastly if you are trying to allow syslogs through a firewall you need to allow udp/514
Hope this gets you pointed in the right direction.