01-04-2022 02:05 AM
Hello team,
What is difference between ID connection ms and lr?
I see that daemon is different but I don't undestand the difference between both, Anybody has a sk or similar for I can understand it?
I want to confirm that the forwarding is working correctly and why one shows only system logs and the other shows the others.
Source IP : Default
Destination IP : cms0
Source Daemon : mgmtsrvr
Connection Id : -log-collection-ms-cms0-def
Source IP : Default
Destination IP : cms0
Source Daemon : logrcvr
Connection Id : -log-collection-lr-cms0-def
01> show logging-status device
Type Last Log Rcvd Last Seq Num Rcvd Last Log Generated
Source IP : Default
Destination IP : cms0
Source Daemon : logrcvr
Connection Id : -log-collection-lr-cms0-def
Log rate: 8
config N/A N/A N/A
system N/A N/A N/A
threat 2022/01/04 10:18:22 6868408818117276965 2022/01/04 09:00:33
traffic 2022/01/04 10:18:27 6868408818196930248 2022/01/04 10:18:26
hipmatch 2022/01/04 10:18:31 6868408826707316895 2022/01/04 09:00:55
gtp-tunnel N/A N/A N/A
userid 2022/01/04 10:17:24 6868408826706816806 2022/01/04 10:17:16
iptag N/A N/A N/A
auth N/A N/A N/A
sctp N/A N/A N/A
Source IP : Default
Destination IP : cms0
Source Daemon : mgmtsrvr
Connection Id : -log-collection-ms-cms0-def
Log rate: 0
config N/A N/A N/A
system 2022/01/04 10:18:30 6868408715046433025 2022/01/04 10:18:28
threat N/A N/A N/A
traffic N/A N/A N/A
hipmatch N/A N/A N/A
gtp-tunnel N/A N/A N/A
userid N/A N/A N/A
iptag N/A N/A N/A
auth N/A N/A N/A
sctp N/A N/A N/A
1>
01-04-2022 04:11 AM
Thank you for the post @Alpalo
What you are seeing is expected and there seems no issue. Each daemon is processing different log types.
mgmtsrvr - This daemon takes care of configuration management, commit, reporting. ms in connection ID stands for management server and you will only see here system and configurations logs.
logrcvr - This daemon takes care of reporting traffic log. lr in connection ID stands for log receiver and you will only see here non system logs such as traffic, threat, user-id,.. logs.
Kind Regards
Pavel
01-04-2022 04:11 AM
Thank you for the post @Alpalo
What you are seeing is expected and there seems no issue. Each daemon is processing different log types.
mgmtsrvr - This daemon takes care of configuration management, commit, reporting. ms in connection ID stands for management server and you will only see here system and configurations logs.
logrcvr - This daemon takes care of reporting traffic log. lr in connection ID stands for log receiver and you will only see here non system logs such as traffic, threat, user-id,.. logs.
Kind Regards
Pavel
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
