Camilo Diaz 2 Posted January 20, 2019 Share Posted January 20, 2019 ESET Security Management Center (Server), Version 7.0 (7.0.577.0)ESET Security Management Center (Web Console), Version 7.0 (7.0.429.0) Microsoft Windows Server 2012 R2 Datacenter (64-bit). We've been experiencing issues with the logs not being sent to our syslog server. We just upgraded to the latest version hoping that this would fix the issue but unfortunately, after the upgrade, we still see the same error in the tracelog: Extract of the logs: 2019-01-20 18:20:18 Debug: CLogExportModule [Thread 47c]: Encoding message (10225): EventLog_THREAT_EVENT 2019-01-20 18:20:18 Error: CSyslogSenderModule [Thread 20d8]: Failed to encode syslog message 2019-01-20 18:20:18 Error: CLogExportModule [Thread 47c]: Unhandled exception: Failed to encode syslog message 2019-01-20 18:20:18 Debug: CLogExportModule [Thread 47c]: Encoding message (10225): EventLog_THREAT_EVENT 2019-01-20 18:20:18 Error: CSyslogSenderModule [Thread 20d8]: Failed to encode syslog message 2019-01-20 18:20:18 Error: CLogExportModule [Thread 47c]: Unhandled exception: Failed to encode syslog message 2019-01-20 18:20:18 Debug: CLogExportModule [Thread 47c]: Encoding message (10225): EventLog_THREAT_EVENT 2019-01-20 18:20:18 Error: CSyslogSenderModule [Thread 20d8]: Failed to encode syslog message 2019-01-20 18:20:18 Error: CLogExportModule [Thread 47c]: Unhandled exception: Failed to encode syslog message 2019-01-20 18:20:18 Debug: CLogExportModule [Thread 47c]: Encoding message (10225): EventLog_THREAT_EVENT 2019-01-20 18:20:18 Error: CSyslogSenderModule [Thread 20d8]: Failed to encode syslog message 2019-01-20 18:20:18 Error: CLogExportModule [Thread 47c]: Unhandled exception: Failed to encode syslog message Syslog server config: Same error when using default port 514. Logging: Any advice on how to fix/troubleshoot this error? Thanks Camilo. Link to comment Share on other sites More sharing options...
Administrators Marcos 5,235 Posted January 20, 2019 Administrators Share Posted January 20, 2019 Most likely it's a known bug with messages longer than 1024 bytes. Currently there is no ETA for a fix. Link to comment Share on other sites More sharing options...
Camilo Diaz 2 Posted January 20, 2019 Author Share Posted January 20, 2019 Thanks Marcos for your quick response. My understanding is the logs sent from the clients can't be modified. Can you confirm this? Link to comment Share on other sites More sharing options...
Recommended Posts