AdventNet Web NMS Syslog Monitoring Feature Pack

AdventNet, Inc.
5645 Gibraltar Drive
Pleasanton, CA 94588
USA
Phone: +1-925-924-9500
Fax: +1-925-924-9600
Email: info@adventnet.com
http://www.adventnet.com
nms-support@adventnet.com
2003 AdventNet Inc. All Rights Reserved.
Table of Contents

MONITORING SYSLOG USING WEB NMS ... 2
CONFIGURING SYSLOG STARTUP AND FORWARDING ... 5
CONFIGURING SYSLOG AT RUNTIME ... 8
EXAMPLE OF SYSLOG MONITORING IN WEB NMS ... 13
TROUBLESHOOTING TIPS ... 15

AdventNet Inc. 1
Monitoring Syslog Using Web NMS

What is Syslog?
Syslog Monitoring Features
Prerequisites
About WMI
System Requirements
How It Works in Web NMS?
Syslog Monitoring in Web NMS RME Version

What is Syslog?

Some definitions on the Web:
1. The GNU/Linux system logger, where all system messages or errors are stored.
2. SYSLOG allows you to log significant system information to a remote server.
3. System Log.
4. A method of collecting together message logs from many systems. Each system sends short text messages to a syslog recorder. The recording system may record these in any desired manner, including writing them to a file, sending them on to other systems, and printing them. Syslog messages are transported by UDP datagrams sent to port 514.

Syslog Monitoring Features

- Syslog monitoring is supported for Windows, Unix, routers, etc.
- The Web NMS server acts as a centralized syslog server.
- The Web NMS server listens on UDP port 514 for syslog messages.
- Windows syslog monitoring is achieved through WMI.
- Effective GUI to customize syslog message filters at runtime.
- Syslog messages are converted into events using user-defined filter criteria.
- Syslog events can be viewed in the normal Web NMS Events view.
- Runtime enabling/disabling of syslog monitoring is possible.

Prerequisites

For syslog monitoring in Windows, WMI must be installed. It is available by default in Windows 2000 and higher versions; in Windows NT it must be installed separately.

About WMI

WMI refers to Windows Management Instrumentation. It is an implementation of Web-Based Enterprise Management (WBEM). It uses the Common Information Model (CIM) industry standard to represent systems, applications, networks, devices, and other managed components in an enterprise environment. Through WMI, a client application can request information from, and send instructions to, the managed object.

System Requirements

The hardware and software requirements for the Syslog Feature Pack are the same as those of Web NMS.
For more information on the supported system requirements, refer to the Hardware Requirements and Software Requirements pages in the Installation Guide of Web NMS.

Note: Database schema is currently available only for MySQL, Oracle, and Sybase. Support will be extended to other databases on a need basis.
How It Works in Web NMS?

The health of the systems in a network can be monitored easily if you have access to their syslog. In AdventNet Web NMS, you can monitor the syslog messages of the discovered devices.

Workflow

1. The Web NMS server acts as a centralized syslog server that collects messages from the different monitored devices.
2. The syslog messages are collected and parsed into Web NMS events based on the filter criteria defined in the configuration file. The message filter is customizable.
3. The events are stored in the Events table in the Web NMS database.
4. These events are then correlated into alarms, which are stored in the Alerts table in the database.
5. You can connect the client to the Web NMS server to see the events and alarms displayed. You can also create custom views that display only the syslog events.

On Linux and Solaris platforms, the syslog is in a readable format. The syslog messages are forwarded to the server, and the Web NMS server listens for these messages on UDP port 514.

In Windows, you can view the syslog through its Event Viewer (in Windows 2000, from the Start menu, select Settings --> Control Panel --> Administrative Tools --> Event Viewer). These entries are represented as Web NMS events using the WMI scripting API. The syslog stores different types of log messages.
Syslog Monitoring in Web NMS RME Version

Web NMS RME is the distributed edition of Web NMS. The Mediation Server is the distributed component. This edition facilitates remote monitoring of network resources from a single console. Contact nms-support@adventnet.com for more details on the Distributed Mediation Server.

1. In Web NMS RME, the remote Distributed Mediation Server (DMS) acts as the centralized syslog server. It collects the syslog messages from the monitored devices in the remote network(s).
2. The syslog messages are parsed and converted into Web NMS events.
3. These events are then communicated to the Central Server, where they are correlated into alarms.

Note: In Web NMS RME, when you configure syslog.conf in the forwarding devices, make sure the host name you provide is the name of the device on which the DMS is installed.
Configuring Syslog Startup and Forwarding

Forwarding Syslog Messages
Example: Forwarding Syslog Messages From Linux Device
Example: Forwarding Syslog Messages From Routers
Configuring Startup Options
Enabling Syslog Monitoring For All Windows Devices at Startup

Forwarding Syslog Messages

The discovered resources must be configured to forward their syslog messages to the server to enable syslog monitoring. In Web NMS,
1. The system (Linux/Solaris/routers) forwards the syslog messages to the server.
2. The server listens on a UDP port for these messages.

In this topic, we have provided examples of forwarding syslog messages from a Linux device and from a router to the Web NMS server.

Example: Forwarding Syslog Messages From Linux Device

The following example explains how to configure a Linux device to forward syslog messages to the Web NMS server.
1. Log on to the Linux device (whose messages you want to forward to the server) as a super user.
2. Enter the command vi /etc/syslog.conf to open the configuration file syslog.conf.
3. Enter *.*, press the Tab key, and enter the name of the host machine where the server is running, preceded by @. For example:
   *.*     @test
4. Restart the syslog service using the command /etc/rc.d/init.d/syslog restart.

Note: If the Web NMS server is running on a Linux device, you need to make the following configuration on the server to receive the forwarded messages. On Linux devices, by default, the syslog daemon occupies port 514. This port must be freed on the machine where the Web NMS server is running so that the server can listen for syslog messages on port 514. You can change the port number of the syslog daemon so that port 514 can be used by the server. The steps are explained below.
1. Log in to the Linux device (where the Web NMS server is running) as a super user.
2. Enter the command vi /etc/services to open the file. In the services file, all the services and their corresponding port numbers are listed.
3. Under the Unix-specific services, the syslog service is listed with its port as 514/udp. Change it to a different port, making sure the new port number is not occupied by some other service.
4. Restart the syslog service using the command /etc/rc.d/init.d/syslog restart.

[OR]

You can configure a different port for the Web NMS server to listen for syslog messages. The port number is configured in the file NmsProcessesBE.conf, located in the <Product Home>/conf directory. However, the UDP port must be the same on the forwarding devices and on the device where the server is running, so it is mandatory that you change the port number in all the forwarding devices as well.
Example: Forwarding Syslog Messages From Routers

To enable syslog monitoring on a router and redirect its log messages to the syslog server:
1. Telnet to the router as telnet <router>.
2. Type the command enable at the prompt to enter 'enable' mode.
3. You will be prompted for the password. Enter the correct password.
4. Now, type the command config at the prompt.
5. Choose terminal configuration.
6. After this, type logging <IP address of the host device where the NMS server is running> at the command prompt. For example: logging 192.168.5.120. This enables forwarding of messages to the Web NMS server.

After the above steps are performed, the router logs the syslog messages to the server on port 514 by default.

Configuring Startup Options

There are a few startup options that you can configure in NmsProcessesBE.conf, located in the <Product Home>/conf directory. Configuring these parameters is not mandatory; default values are taken if you do not specify them in the configuration file. See the table below for details.

Configuring NmsProcessesBE.conf

1. SYSLOG_SERVER_PORT
   The argument for this parameter is the port number at which the server must listen for syslog messages. The default syslog UDP port is 514.
   Example entry: SYSLOG_SERVER_PORT 514

2. LOCAL_SYSLOG_FILE_NAME *
   The argument for this parameter is the name of the file in which the syslog messages of the local machine are stored.
   Example entry: LOCAL_SYSLOG_FILE_NAME /var/log/messages

3. LOCAL_SYSLOG_MONITOR_INTERVAL *
   The argument for this parameter is the time interval in seconds at which the syslog is monitored on the local machine.
   Example entry: LOCAL_SYSLOG_MONITOR_INTERVAL 300

4. MONITOR_LOCAL_SYSLOG *
   The argument for this parameter can be either true or false. If the syslog is to be monitored on the device where the Web NMS server is running, the value is set to true; otherwise it is set to false.
   Example entry: MONITOR_LOCAL_SYSLOG true

5. WMI_MONITOR_INTERVAL
   This parameter is applicable only to Windows devices. The value for this parameter is the time interval in seconds at which the Windows devices are monitored for syslog events.
   Example entry: WMI_MONITOR_INTERVAL 300

* Applicable only to Unix devices.
Enabling Syslog Monitoring For All Windows Devices at Startup

By default, syslog monitoring is not enabled for any device. But, for Windows devices, you have the option to configure syslog monitoring before the Web NMS server starts up. This configuration is made in NmsProcessesBE.conf, located in the <Product Home>/conf directory. The following three parameters must be passed as arguments to the syslog process:

DEFAULT_WMI_MONITOR true : Enables default syslog monitoring for all Windows devices.
WMI_USERNAME <user name> : Takes the user name as input.
WMI_PASSWORD <password> : Takes the corresponding password as input.

The entry for the same in NmsProcessesBE.conf will be as shown below:

   #com.adventnet.nms.syslog.server.standalonesyslogprocess [SYSLOG_SERVER_PORT port] [LOCAL_SYSLOG_FILE_NAME filename] [LOCAL_SYSLOG_MONITOR_INTERVAL interval] [MONITOR_LOCAL_SYSLOG true/false] [WMI_MONITOR_INTERVAL monitor interval] [DEFAULT_WMI_MONITOR true/false] [WMI_USERNAME username] [WMI_PASSWORD password]
   PROCESS com.adventnet.nms.syslog.server.standalonesyslogprocess ARGS SYSLOG_SERVER_PORT 514 DEFAULT_WMI_MONITOR true WMI_USERNAME <username> WMI_PASSWORD <password> MONITOR_LOCAL_SYSLOG true

Example

   #com.adventnet.nms.syslog.server.standalonesyslogprocess [SYSLOG_SERVER_PORT port] [LOCAL_SYSLOG_FILE_NAME filename] [LOCAL_SYSLOG_MONITOR_INTERVAL interval] [MONITOR_LOCAL_SYSLOG true/false] [WMI_MONITOR_INTERVAL monitor interval] [DEFAULT_WMI_MONITOR true/false] [WMI_USERNAME username] [WMI_PASSWORD password]
   PROCESS com.adventnet.nms.syslog.server.standalonesyslogprocess ARGS SYSLOG_SERVER_PORT 514 DEFAULT_WMI_MONITOR true WMI_USERNAME administrator WMI_PASSWORD admin MONITOR_LOCAL_SYSLOG true

Because the WMI password is written in clear text in this file, restrict read access to NmsProcessesBE.conf.

Note: The name of the syslog process for the Standard/Professional editions differs from that of RME. The process names in the different editions are:
Standard and Professional editions: StandaloneSyslogProcess
Remote Management edition (RME): RegionalSyslogProcess
Configuring Syslog at Runtime

Configuring Syslog Filter Criteria
Modifying Existing Filter Criteria
Adding a New Event Type with Match Criterion
Enabling and Disabling of Syslog Monitoring
Viewing Syslog Events Using Custom View

Configuring Syslog Filter Criteria

At runtime, you can configure the filtering of syslog messages. For a syslog message, the fields on which a filter can be applied are:
Message: Text of the log message
Source: Host from which the log originated
Category: Process that generated the log
Severity: Priority level of the log

The allowed values for the Severity criterion on Windows and Unix devices are given below:
Severity in Windows: Critical, Warning, Success, Information, Failure
Severity in Unix: Emergency, Critical, Warning, Information, Alert, Error, Notice, Debug
Modifying Existing Filter Criteria

To view and modify the default syslog events:
1. Go to Tools --> Runtime Administration.
2. From the Runtime UI, select the node Syslog Filtering in the left tree. The corresponding UI opens on the right. Default conditions for Info, Warning, and Critical severity are given.
3. To modify any particular severity type, select the required type (for example, Info-Event) in the tree.
4. From the Filter Rules column on the right, select the required match key, match condition, and match value in the match criteria table (you can also add or delete match conditions).
5. Click the More button to specify more match conditions (if required).
6. After specifying the match conditions, select the required severity type from the Generate the event with Severity as combo box.
7. Click Apply.

Adding a New Event Type with Match Criterion

To add a new event type and provide match conditions for it:
1. Go to Tools --> Runtime Administration.
2. From the Runtime UI, select the node Syslog Filtering in the left tree. The corresponding UI opens on the right.
3. Click the button at the bottom to generate a new event type. The default name will be New-Event. For this event (its name must be unique), you can specify the severity, match conditions, etc.
4. In the Filter Rules column on the right, select the Match Key from the corresponding combo box. Example: Category
5. Select the match condition from the corresponding combo box. Example: equals
6. Select or enter the match value in the corresponding combo box. Example: SNMP
7. Specify more conditions if required (click the More button to do this).
8. To match all the specified conditions, select the Match all of the following radio button above the Match Criteria table; to match any of the specified conditions, select the Match any of the following radio button.
9. Select the required severity from the Generate the event with Severity as combo box.
10. Click the Apply button for the new syslog event type to be added.

Enabling and Disabling Syslog Monitoring

Enabling Syslog Monitoring

Syslog monitoring is not triggered by default; you must enable the option. The option to enable syslog monitoring for a device is provided as an object-specific menu. The steps are given below.

To enable/disable syslog monitoring for a device:
1. From the left tree in the client, select the Network Database node. The discovered devices are displayed in the right panel.
2. Select the device for which you want to configure syslog monitoring.
3. Right-click the selected device. A menu pops up.
4. Select the menu option Node (or SNMP-Node) --> Configure Syslog.
5. The Syslog Configuration dialog pops up. By default, the protocol is set correctly for SNMP nodes. If you are configuring a 'Node', select the right protocol: if the node is a Windows device, select WMI, and if it is a Linux device, select UDP as the protocol.

Configuring Windows Monitoring: Select the protocol as WMI. Provide the user name and password for the device in the corresponding text fields. Click OK.
Configuring Linux Monitoring: Select the protocol as UDP. Click OK.

Disabling Syslog Monitoring

In the Syslog Configuration dialog, the option Enable Syslog Monitoring is selected by default. To disable syslog monitoring for a device:
1. Select and right-click the device.
2. Select the Configure Syslog menu.
3. In the Syslog Configuration dialog, clear the Enable Syslog Monitoring option.
4. Click OK.
Syslog monitoring is disabled for that device until you enable it again.

Refer to Viewing Syslog Events Using Custom View to learn how the syslog events can be filtered from the normal Web NMS events in the client.

Viewing Syslog Events Using Custom View

The syslog events can be viewed in the normal event viewer. Select any 'Events' node in the Web NMS tree; the events list on the right displays all events, including syslog events. To view the syslog events separately, you can create a custom view as follows:
1. From the tree on the left, select the events node for which you want to filter out the syslog events.
2. Right-click the events node and select the option Add Custom View.
3. Enter a name for the custom view in the Filter View Name field.
4. Enter the value Syslog in the Category field.
5. Click the Apply Filter button.
The syslog events will be filtered and displayed in the created custom view.

An event generated from syslog monitoring has its source as the machine from which the log originated, category as Syslog, message as the log text, entity as host:facility (the facility is the subprocess that generated the event), and severity as the priority set in the log message. An example syslog event would be as below:

Status: Warning
Source: test-advent1
Message: authentication failure
Entity: advent-login
Category: Syslog
Example of Syslog Monitoring in Web NMS

Objective
Prerequisites
Steps to Configure Syslog Monitoring
  Configure the Device to Forward Syslog Messages
  Create Message Filter
  Enable Syslog Monitoring for the Device
Viewing the Syslog Events
Testing

Objective

To demonstrate syslog monitoring for an application on a device, using Web NMS. Let us assume that the device name is test-advent, and the application monitored for syslog messages is an Oracle service running on test-advent.

Prerequisites

1. The Web NMS server must essentially be running on a WMI-enabled Windows device.
2. You must have installed the Syslog Feature Pack over Web NMS (Standard, Professional, or Remote Management edition).
3. Ensure that the device for which you want to configure syslog monitoring (test-advent) has already been discovered by Web NMS.

Steps to Configure Syslog Monitoring

Following are the steps to perform syslog monitoring using Web NMS:
1. Configure the device to forward syslog messages (for devices other than Windows).
2. Create a message filter.
3. Enable syslog monitoring for the device.

Configure the Device to Forward Syslog Messages

If the device from which you want to forward syslog messages is a Linux device, you must configure it to forward the syslog messages to the device where the Web NMS server is running. Refer to the Forwarding Syslog Messages section for detailed configuration steps. You need not make any specific configuration if the device is a Windows device.

Creating Message Filter

Let us assume you want to monitor the syslog messages of the Oracle service with Error severity. So, you must first create a filter to isolate only the messages with Error severity and convert them into Web NMS events. To create the filter:
1. From the menu bar, select Tools --> Runtime Administration. The RTA UI is invoked.
2. From the Categories list, select Fault --> Syslog Filtering. The default message filters are displayed on the right.
3. Select and right-click these filters and click the Delete menu. All the existing filters will be deleted.
4. Now, right-click the root node (Syslog) and click Add. A new filter will be added. Edit the name of the filter to Error.
5. In the Filter Rules column on the right side, specify the match criterion as follows:
   Match Key   Match Condition    Match Value
   Category    contains           Oracle
   Severity    equalsignorecase   Error
6. Select the radio button corresponding to the field Match all of the following.
7. Click Apply.

Enabling Syslog Monitoring for the Device

After you create the filter, you must enable syslog monitoring on the required Windows device as follows:
1. Select the device test-advent from the Network Map.
2. Right-click the device and select the Node/Snmp-Node --> Configure Syslog menu.
3. In the Syslog Configuration dialog, select the protocol as WMI.
4. Provide the User Name and Password for the device in the corresponding text fields.
5. Check the Enable Syslog Monitoring option.
6. Click OK.

Viewing the Syslog Events

The syslog messages are converted into Web NMS events and can be viewed from the event viewer in Web NMS. You can also create a custom view as given below to view the syslog events separately:
1. From the tree on the left, select the events node for which you want to filter out the syslog events.
2. Right-click the events node and select the option Add Custom View.
3. Enter a name for the custom view in the Filter View Name field.
4. Enter the value Syslog in the Category field.
5. Enter the name of the device, test-advent, in the Source field.
6. Click the Apply Filter button.

Testing

You can test whether syslog monitoring works as per the specified filter by triggering an event. As we have considered the Oracle application in this example, you can stop and restart the Oracle service to see whether a syslog message is generated, filtered, and converted into a Web NMS event. You can also view this event in the custom view if you have created one. Similarly, you can configure syslog monitoring for other applications on the required devices.
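As an added example (not AdventNet code) tying the Error filter above to the event fields described under Viewing Syslog Events Using Custom View, the Python below parses a UDP syslog datagram from a Linux forwarder into the Message/Source/Category/Severity fields, evaluates the filter rules with "Match all"/"Match any" semantics, and builds the resulting event. The OracleService tag, the sample datagrams and the "Critical" severity chosen for the generated event are assumptions.

```python
import re
# Added illustration, not AdventNet code: parse a BSD-syslog datagram (as a Linux
# host forwards it under "*.* @server") and run the page's runtime filter rules on it.

# RFC 3164 severity codes 0..7, named as the Web NMS runtime UI lists them for Unix,
# and facility codes 0..23.
UNIX_SEVERITIES = ["Emergency", "Alert", "Critical", "Error",
                   "Warning", "Notice", "Information", "Debug"]
FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr",
              "news", "uucp", "cron", "authpriv", "ftp", "ntp", "audit",
              "alert", "clock"] + ["local%d" % i for i in range(8)]

# <PRI>Mmm dd hh:mm:ss HOST TAG[pid]: MESSAGE
_LINE = re.compile(r"^<(\d{1,3})>(\w{3} [ \d]\d \d\d:\d\d:\d\d) (\S+) "
                   r"([^\[:\s]+)(?:\[\d+\])?: ?(.*)$")

# Match conditions the page uses; the UI offers more, which are not modelled.
CONDITIONS = {
    "equals": lambda field, value: field == value,
    "equalsignorecase": lambda field, value: field.lower() == value.lower(),
    "contains": lambda field, value: value in field,
}

def parse_datagram(data):
    """Split one UDP syslog datagram into the filterable fields (Message, Source,
    Category, Severity) plus Facility; None if the datagram is malformed."""
    m = _LINE.match(data.decode("utf-8", "replace").rstrip("\r\n"))
    if not m or int(m.group(1)) > 191:    # 23 * 8 + 7 is the largest legal PRI
        return None
    pri = int(m.group(1))
    return {"Message": m.group(5),
            # Source is whatever the sender wrote: UDP syslog authenticates nothing
            "Source": m.group(3),
            "Category": m.group(4),           # process (syslog TAG) that logged
            "Severity": UNIX_SEVERITIES[pri % 8],
            "Facility": FACILITIES[pri // 8]}

def rules_match(fields, rules, match_all=True):
    """rules: (match key, match condition, match value) triples; match_all picks
    'Match all of the following' over 'Match any of the following'."""
    hits = [CONDITIONS[cond](fields.get(key, ""), value) for key, cond, value in rules]
    return all(hits) if match_all else any(hits)

def to_event(data, filters):
    """Try (name, rules, match_all, status) filters in order; first match -> event, else None."""
    fields = parse_datagram(data)
    if fields is None:
        return None
    for name, rules, match_all, status in filters:
        if rules_match(fields, rules, match_all):
            return {"Status": status, "Source": fields["Source"],
                    "Message": fields["Message"], "EventType": name,
                    "Entity": fields["Source"] + ":" + fields["Facility"],
                    "Category": "Syslog"}
    return None

# The "Error" filter from the worked example. The page leaves the severity of the
# generated event to the operator; "Critical" is assumed here.
ERROR_FILTER = ("Error", [("Category", "contains", "Oracle"),
                          ("Severity", "equalsignorecase", "Error")],
                True, "Critical")

# Constructed datagrams: PRI 27 = daemon(3)*8 + Error(3), 30 = daemon + Information(6),
# 36 = auth(4)*8 + Warning(4). Only the first should become an event.
SAMPLES = [
    b"<27>Oct 11 22:14:15 test-advent OracleService[2210]: listener stopped unexpectedly",
    b"<30>Oct 11 22:14:16 test-advent OracleService[2210]: listener started",
    b"<36>Oct 11 22:14:17 test-advent1 login[1234]: authentication failure",
]
```

Calling to_event(SAMPLES[0], [ERROR_FILTER]) yields the event with Entity test-advent:daemon, while the other two datagrams are dropped because the severity or the process does not satisfy both rules.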
Troubleshooting Tips

The following table lists the possible problems you can encounter when configuring syslog monitoring.

1. Problem: Syslog events are not collected for the configured device.
   Solution: Check if the correct protocol is selected for the configured device. For Linux, select UDP, and for Windows, select WMI.

2. Problem: Syslog monitoring does not happen for Windows devices.
   Solution: The Web NMS server must essentially run on a WMI-enabled Windows device. In Web NMS RME, the Distributed Mediation Server (DMS) must be running on a WMI-enabled Windows device.

3. Problem: Fatal: could not create input socket on port 514.
   Solution: Check if UDP port 514 is occupied. If so, change the port number by editing the SYSLOG_SERVER_PORT parameter in the <Product Home>/conf/NmsProcessesBE.conf file. Ensure that the new port is not occupied. You can also free port 514. Restart the server.