Modifying the syslog UDP port configuration file

To modify a directive

1. Stop the CO-Syslog.exe process by stopping the CorreLog Framework service.

2. On the C:\Program Files\BMC Software\BMC Defender\system directory, edit the syslog.cnf file and modify the required directive:

   Directive	Description
   udp_port_number	UDP port that the CO-syslog.exe application uses to receive syslog messages Valid values are from 1 to 65,000. The default value is 514.
   encoding	Type of encoding that the CO-syslog.exe application uses to handle the syslog messages it receives The default value is unicode, which lets the CO-syslog.exe application handle the unicode character set.
   message_queue_size	(Optional) Queue size of the syslog messages that the CO-syslog.exe application receives The CO-syslog.exe application uses the message queue to prevent message loss during heavy message traffic and high processing overhead. Valid values are from 1,000 to 10,000,000. The default value is 2,000,000. Important Using message_queue_size affects system resource consumption.
   loglevel	(Optional) Logs messages that have the specified severity only The severities are fatal, error, warning, info, debug, and trace. The default severity is info.
   ipc_port	(Optional) Internal UDP port that the CO-syslog.exe application uses to communicate with other internal framework applications Valid values are from 1 to 65,000. The default value is 43,355. Important To prevent a conflict with other applications, you must set the the ipc_port to a UDP port high value.

3. Restart the CorreLog Framework service.