Hi,
I get the following error:
SyslogCollector - [Thread: SyslogObjectForwarder] ERROR, 27 Mar 2012 09:02:12,254, Could not send syslogs, removing the subscriber...Connection refused: connect
SyslogCollector - [Thread: SyslogObjectForwarder] ERROR, 27 Mar 2012 09:03:15,223, Could not send syslogs, removing the subscriber...Connection refused: connect
Syslog subscription seems ok but syslog messages are dropped and not forwarded:
I attached SyslogCollector.log, SyslogAnalyzer.log, AnalyzerDebug.log
Tnaks
HI,
Ignore these error messages as these comes often. What is important to note is if the Collector is subscibed properly.
What is important to check is if the counters are incrementing even if Filetered or Dropped and see for Received as well.
if so, please make sre your Filters are configured properly as only due to filter the Syslog message are not forwarded. Check different combinations which work, following is the way they work :
-If you DISABLE all the filters and have the filter type as KEEP, then all the syslog messages are processed (kept).
-If you DISABLE all the filters and have the filter type as DROP, then all the syslog messages are dropped. No filtering is done but everything will be dropped.
-If you ENABLE all the filters and have the filter type as KEEP, then all the syslog messages that match the filter criteria are processed.
-If you ENABLE all the filters and have the filter type as DROP, then all the syslog messages that match the filter criteria are dropped.
Check mine for example :
-Thanks
Vinod
Thanks Vinod for the explanation.
I restarted CiscoWorks process with "net stop crmdmgtd" and "net start crmdmgtd" and syslog are now forwarded correctly.
