Greetings!!
How to restart udp port 514 that is configured on public ip x.x.x.x
all the syslogs sender are configured to send the data to x.x.x.x 514 , where this public IP(x.x.x.x) is the splunk log server collector.
BUT now , I can't recive logs into splunk log collector, and if I test this public IP by pinging is replying good, but port is not listening when I test with telnet it is not connecting,
how May I solve this???? I need your help?
how to do to put again this service to listening? so that even if I do telnet can respond as usual?
Thank you in advance!
Ping can tell you if a server is up, but doesn't tell if a port is open or not.
Telnet cannot test UDP connections. Try nc, instead.
nc -u x.x.x.x 514
Use netstat to verify something is listening on that port.
netstat -ln | grep 514
If nothing appears then Splunk is not listening on 514. Double-check the settings at Settings->Data inputs->UDP