I installed a Syslog Receiver sensor on a server with Windows 2008 R2, I am not receiving data. I understand that, software should be installed on the server. Is that correct? if so, what software should I install? Thank in advance.

Article Comments

Hey Enrique,

this is not as easy as it looks like. It is possible to do it, on a own server. This server has to be in PRTG monitoring and of course, there has to be an Syslog sensor. In the sensor, you can set up the "port" what he is listening to and here is an example how to do it :).

The receiver isn't necessary but useful. With it you can handle it easier.

  1. Install an syslog receiver (like Kiwi) on a server, should also work on PRTG server, but with performance issues
  2. set up syslog receiver for syslog port (standard 514) and filter the messages to them you wanted to display in PRTG
  3. send them to another port on your localhost, ex. 1514 and activate the rule
  4. Set up an syslog sensor and write down the chosen port

Now you have to send some messages, by example with logger on a unix system. A few moments later you should be able to see your messages.

This is a use case what worked a long time.

If not be sure to check this:

  • The server/switch/hardware is sending to your server with receiver
  • All settings are right
  • Test sending a syslog with logger to another server or directly to the server with PRTG Syslog sensor.

Maybe this will fix your question.

Best

Sascha


Dec, 2014 - Permalink

Yes, you have to install a software agent that converts Windows log events into Syslog messages and forwards them to the PRTG probe on every server that should serve a Syslog Receiver Sensor. An example of such an agent is NTSyslog: http://ntsyslog.sourceforge.net/


Dec, 2014 - Permalink