No data from Syslog devices
Ensure that the Syslog device is configured to forward its logs to the EventLog Analyzer server. Click here to learn more about Syslog configuration on the respective devices.
Ensure that the ports used for log forwarding are open on both the hardware and software firewalls.
Note: The default ports are UDP 513, UDP 514, and TCP 514. If the customer is forwarding the logs to a different port, open the EventLog Analyzer GUI ⇾ Settings tab ⇾ System Settings ⇾ Listener Ports ⇾ Add and enable the required port.
Click on "Log Receiver" at the top-right corner and check whether the forwarded log packets are displayed.
If the log packets are displayed in "Log Receiver":
Go to the "Search" tab and search for logs by selecting that specific device and leaving the type as "All Log Types".
If the search returns the logs but under a different log source, go to the Settings tab ⇾ Configuration ⇾ Manage Devices ⇾ Syslog devices ⇾ click on "Update" next to the device ⇾ change the device type accordingly.
If the search does not return anything, open a command prompt and run netstat -ano | findstr 514 (or the desired port number). This displays the PID of the process using the port. Then open Task Manager ⇾ go to the "Details" tab ⇾ ensure that the SysEvtCol.exe process is the one using the port. If it is not, inform the customer about the process that is blocking the port.
If the log packets are not displayed in the "Log Receiver":
Install Wireshark or another packet-capture tool on the EventLog Analyzer server and capture the incoming log traffic to confirm whether the packets reach the server.
After confirming packet reception, open the EventLog Analyzer GUI ⇾ Settings tab ⇾ System Settings ⇾ Log Level Settings ⇾ change the log level value to 3 ⇾ click on "Save". After 15 minutes, change it back to 2.
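The port ownership check described in the steps above (netstat plus Task Manager) can be automated on the EventLog Analyzer server. The following PowerShell script is an added example, not part of the EventLog Analyzer documentation or product; it assumes the default listener ports named in the note above and the process name SysEvtCol.exe, and should be run from an elevated PowerShell prompt.

```powershell
# Added example (not ManageEngine code): report which process owns each syslog
# listener port and flag any port that is not held by SysEvtCol.exe.
# Assumptions: default ports from the note above; add a custom listener port if used.
$expectedProcess = 'SysEvtCol'   # Get-Process reports the name without ".exe"
$ports = @(
    @{ Proto = 'UDP'; Port = 513 },
    @{ Proto = 'UDP'; Port = 514 },
    @{ Proto = 'TCP'; Port = 514 }
)

function Test-SyslogListener {
    param([string]$Proto, [int]$Port)

    # TCP listeners and UDP endpoints come from different cmdlets (NetTCPIP module).
    if ($Proto -eq 'TCP') {
        $endpoints = Get-NetTCPConnection -LocalPort $Port -State Listen -ErrorAction SilentlyContinue
    } else {
        $endpoints = Get-NetUDPEndpoint -LocalPort $Port -ErrorAction SilentlyContinue
    }

    # Nothing bound to the port: the listener is not running or the port was never enabled.
    if (-not $endpoints) {
        return [pscustomobject]@{ Proto = $Proto; Port = $Port; Status = 'NOT LISTENING'; Process = ''; PID = '' }
    }

    foreach ($ep in $endpoints) {
        $proc = Get-Process -Id $ep.OwningProcess -ErrorAction SilentlyContinue
        $name = if ($proc) { $proc.ProcessName } else { 'unknown' }
        # A port held by any other process explains why the Log Receiver shows nothing.
        $status = if ($name -eq $expectedProcess) { 'OK' } else { 'BLOCKED BY OTHER PROCESS' }
        [pscustomobject]@{ Proto = $Proto; Port = $Port; Status = $status; Process = $name; PID = $ep.OwningProcess }
    }
}

$ports | ForEach-Object { Test-SyslogListener -Proto $_.Proto -Port $_.Port } | Format-Table -AutoSize
```

Any row reporting NOT LISTENING or BLOCKED BY OTHER PROCESS identifies the port and process to raise with the customer before moving on to the packet-capture step.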