We're setting up logging going to a Splunk syslog server and I've been asked if I can send it to a port other than default syslog port 514. Is this possible?
Unfortunately, I do not believe this is possible.
Unfortunately I figured that might be the answer. Thanks!
If this is something you need in your environment, submit a feature request on the ideas portal!
couldn't you just destation NAT to the port you want?
The below is if 192.168.1.36 is your controller and 10.10.10.10 is your syslog server. That last number of 200 in my example is what port you would like it changed to. You then apply it to your uplink port.
ip access-list session syslog-des-nat
host 192.168.1.36 host 10.10.10.10 svc-syslog dst-nat 200
interface gigabitethernet 0/0/0
trusted vlan 1-4094
ip access-group "syslog-des-nat" session
switchport mode trunk
Has anyone had success with the destination NAT solution mentioned in this thread? We have recently implemented Nagious for syslog messages and we are not able to use UDP 514 in our current setup.
You can raise your Request as an RFE at https://innovate.arubanetworks.com/
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2020 Hewlett Packard Enterprise Development LPAll Rights Reserved.