I am running the latest Axigen mail-server for private use and I try to understand some problems. Looking into the alarms as generated by the involved systems is of course very helpfull. One ^little^ problem I do not manage to forward Axigen alarms/warnings to my syslog server (Graylog).
I did try a couple of things and did read the blog post ^https://www.axigen.com/articles/email-security-axigen-graylog_81.html^ but I simply do not manage.
Since it is not even clear to me if the alarm forwarding is based on snmp2 (udp) or 3 (tcp), I did define two listening ports on Graylog:
- port 5144 tcp & port 5144 udp
I made sure that:
- the firewall (pfSense) is passing 5144 udp/tcp between the Axigen VLAN and the GrayLog VLAN
- I did stop the linux ufw firewall on the ubuntu VM (the host for Axigen)
- I did make sure that the Axigen ‘Log server’ and the may be related ‘reporting service’ where started
- did set the Log: Use remote log IP custom <my port 5144>
- checked those values in the config file
- did restart axigen
- did try to de file GrayLog as extra listener in the same Log Server Settings (I have no idea what the intention is, just to try). However that option is refused !
- when trying to enable the message is ^An error has occurred: Cannot assign requested^
- I did a protocol capture on the Axigen VLAN and did not see any graylog related message
I do not know how to simply force an alarm, but I assume there are some given the highest (lowest possible) setting.
So bottom line ^I am lost^ …
Need some help