NXLog search
Let's talk Start free
Let's talk Start free

apr_sockaddr_info failed

Tags: NXLog Community Edition
#1 NOurdine (Last updated )

 Hello there i try to forward logs radius to my elastic siem , i got this error when executing nxlog.exe -f  :2024-10-07 11:16:37 INFO nxlog-ce-3.2.2329 started2024-10-07 11:16:37 INFO reconnecting in 1 seconds2024-10-07 11:16:37 ERROR apr_sockaddr_info failed for 172.19.14.51  # IP du serveur distant:514; Unknow Host.

 

Here is the config (without ip for privacy) 


: <Extension _syslog>  

 Module      xm_syslog

</Extension>

<Extension xml>   Module      xm_xml

</Extension>

<Input radius_log>   

     Module      im_file 

     File        "D:\NPS\NPS Logs\IN2410.log" 

    SavePos     TRUE   

    ReadFromLast TRUE   

    PollInterval 1   

    Exec        parse_xml("/Event");

 </Input>

<Output remote_syslog>   

     Module      om_udp   Host         # IP SRV FORWARD   

     Port        514</Output>

<Route radius_to_remote>   

  Path        radius_log => remote_syslog

</Route>

 

Is it possible to get everything in the source folder not just one ?


 Because the name change everymonth , example : october  :IN2410.logNovember: IN2411.log December: IN2412.log   etc Please 

 

Thnaks a lot

Permalink
#2 Emeka Nwankwo Nxlog ✓
#1 NOurdine
 Hello there i try to forward logs radius to my elastic siem , i got this error when executing nxlog.exe -f  :2024-10-07 11:16:37 INFO nxlog-ce-3.2.2329 started2024-10-07 11:16:37 INFO reconnecting in 1 seconds2024-10-07 11:16:37 ERROR apr_sockaddr_info failed for 172.19.14.51  # IP du serveur distant:514; Unknow Host. Here is the config (without ip for privacy) : <Extension _syslog>   Module      xm_syslog</Extension><Extension xml>   Module      xm_xml</Extension><Input radius_log>        Module      im_file      File        "D:\NPS\NPS Logs\IN2410.log"     SavePos     TRUE       ReadFromLast TRUE       PollInterval 1       Exec        parse_xml("/Event"); </Input><Output remote_syslog>        Module      om_udp   Host         # IP SRV FORWARD        Port        514</Output><Route radius_to_remote>     Path        radius_log => remote_syslog</Route> Is it possible to get everything in the source folder not just one ? Because the name change everymonth , example : october  :IN2410.logNovember: IN2411.log December: IN2412.log   etc Please  Thnaks a lot

Hi @NOurdine,

The error returned suggests that the agent server is unable to establish a connection to that port. 

As for the multiple file read question, yes you can set a wildcard to read any file in the folder.

https://docs.nxlog.co/ce/current/index.html#im_file

... By using wildcards, the module can read multiple files simultaneously and will open new files as they appear. It will also enter newly created directories if recursion is enabled...

 

Regards,
Emeka.
Login to see more