Hello All,


I am using nxlog-ce-2.9.1716 client to collect logs from my device and then forward it to logstash. I want to make sure nxlog client accept syslogs from particular source instead any. However when using specific IP in im_udp module, I am getting error as below:


"2017-03-07 16:04:51 ERROR failed to start im_udp; couldn't bind udp socket to; The requested address is not valid in its context. " 


my input driver is configured as below:


<Input in>
    Module    im_udp
    Port    514


I tried by changing host as below as well:


Host - No luck

Host - No luck

Host - No luck

Host - no luck

Host - No luck


However if I make Host - it works , but this is not what I am looking for. 


Please help if I am missing anything. 






AskedMarch 7, 2017 - 12:02pm

Answer (1)

Hello GaurangMaru,

The Host directive in the Input section refers which address to "bind". Examples could be "" or "", etc. There are two ways to achieve what you want to do:

  1. Use an exec clause like: Exec if $MessageSourceAddress != "" drop();
  2. Or use a firewall to block incoming connections from a specific IP address



NXLog Team.