Business Community > Controllers > Syslog Generate Well But Destination IP not showing
< Controllers

Syslog Generate Well But Destination IP not showing

Syslog Generate Well But Destination IP not showing

Syslog Generate Well But Destination IP not showing
Syslog Generate Well But Destination IP not showing
3 weeks ago - last edited 2 weeks ago
Tags: #Logs
Model: Omada Cloud-Based Controller  
Hardware Version:
Firmware Version:

Hi,

 

i am collecting Syslog data from Access Points ( EAP110 or EAP 225 ) with support of Omada Controller to Syslog Server and it working Fine But Syslog Data showing Local Gateway as destination ip , so how can we get direct Destination IP instead of gateway. below are sample data please find for reference

 

EAP 110 & 225 Diffecrent Internet Connection Routers but all eap devices managed by Omada Controller

 

Syslog Data

 

Aug  9 09:09:42 49.37.151.116 [1723174778.190008551] AP MAC=d8:47:32:2e:97:e0 MAC SRC=5a:74:81:dd:a4:6e IP SRC=0.0.0.0 IP DST=255.255.255.255 IP proto=17 SPT=68 DPT=67
Aug  9 09:09:47 49.37.151.116 [1723174783.990008551] AP MAC=d8:47:32:2e:97:e0 MAC SRC=5a:74:81:dd:a4:6e IP SRC=192.168.29.166 IP DST=192.168.29.1 IP proto=17 SPT=38646 DPT=53
Aug  9 09:09:52 49.37.151.116 [1723174791.790008553] AP MAC=d8:47:32:2e:97:e0 MAC SRC=5a:74:81:dd:a4:6e IP SRC=192.168.29.166 IP DST=192.168.29.1 IP proto=17 SPT=3494 DPT=53
[1723174791.820008553] AP MAC=d8:47:32:2e:97:e0 MAC SRC=5a:74:81:dd:a4:6e IP SRC=192.168.29.166 IP DST=192.168.29.1 IP proto=17 SPT=9364 DPT=53
[1723174791.830008553] AP MAC=d8:47:32:2e:97:e0 MAC SRC=5a:74:81:dd:a4:6e IP SRC=192.168.29.166 IP DST=192.168.29.1 IP proto=17 SPT=30210 DPT=53
[1723174791.830008553] AP MAC=d8:47:32:2e:97:e0 MAC SRC=5a:74:81:dd:a4:6e IP SRC=192.168.29.166 IP DST=192.168.29.1 IP proto=17 SPT=39083 DPT=53
[1723174791.830008553] AP MAC=d8:47:32:2e:97:e0 MAC SRC=5a:74:81:dd:a4:6e IP SRC=192.168.29.166 IP DST=192.168.29.1 IP proto=17 SPT=49452 DPT=53
Aug  9 09:10:12 49.37.151.116 [1723174809.470008555] AP MAC=d8:47:32:2e:97:e0 MAC SRC=5a:74:81:dd:a4:6e IP SRC=192.168.29.166 IP DST=192.168.29.1 IP proto=17 SPT=45190 DPT=53
[1723174809.470008555] AP MAC=d8:47:32:2e:97:e0 MAC SRC=5a:74:81:dd:a4:6e IP SRC=192.168.29.166 IP DST=192.168.29.1 IP proto=17 SPT=41532 DPT=53
[1723174809.480008555] AP MAC=d8:47:32:2e:97:e0 MAC SRC=5a:74:81:dd:a4:6e IP SRC=192.168.29.166 IP DST=192.168.29.1 IP proto=17 SPT=3729 DPT=53
[1723174809.480008555] AP MAC=d8:47:32:2e:97:e0 MAC SRC=5a:74:81:dd:a4:6e IP SRC=192.168.29.166 IP DST=192.168.29.1 IP proto=17 SPT=41966 DPT=53
[1723174809.490008555] AP MAC=d8:47:32:2e:97:e0 MAC SRC=5a:74:81:dd:a4:6e IP SRC=192.168.29.166 IP DST=192.168.29.1 IP proto=17 SPT=41108 DPT=53
[1723174809.490008555] AP MAC=d8:47:32:2e:97:e0 MAC SRC=5a:74:81:dd:a4:6e IP SRC=192.168.29.166 IP DST=192.168.29.1 IP proto=17 SPT=54420 DPT=53

 

  0      
 
  0      
 
#1
Options
1 Accepted Solution
Re:Syslog Generate Well But Destination IP not showing-Solution
2 weeks ago - last edited 2 weeks ago

  @RajeshRouthu After Restarting the omada the log display properly and also showing dst ip too., if i disable the client log features i am unable to get the data

 

Sep  3 18:24:03 202.133.48.2 [1725368038.846029317] AP MAC=9c:53:22:e6:e9:6b MAC SRC=10:3f:44:42:39:d7  IP SRC=192.168.88.140 IP DST=142.250.195.195 IP proto=6 SPT=35932 DPT=443
[1725368038.846029317] AP MAC=9c:53:22:e6:e9:6b MAC SRC=10:3f:44:42:39:d7  IP SRC=192.168.88.140 IP DST=8.8.4.4 IP proto=6 SPT=53522 DPT=443
[1725368039.882029310] AP MAC=9c:53:22:e6:e9:6b MAC SRC=10:3f:44:42:39:d7  IP SRC=192.168.88.140 IP DST=8.8.8.8 IP proto=6 SPT=44524 DPT=443
[1725368040.034029983] AP MAC=9c:53:22:e6:e9:6b MAC SRC=10:3f:44:42:39:d7  IP SRC=192.168.88.140 IP DST=8.8.8.8 IP proto=6 SPT=44522 DPT=443
[1725368040.046029136] AP MAC=9c:53:22:e6:e9:6b MAC SRC=10:3f:44:42:39:d7  IP SRC=192.168.88.140 IP DST=8.8.4.4 IP proto=6 SPT=53522 DPT=443
[1725368040.046029136] AP MAC=9c:53:22:e6:e9:6b MAC SRC=10:3f:44:42:39:d7  IP SRC=192.168.88.140 IP DST=142.250.195.195 IP proto=6 SPT=35932 DPT=443
[1725368040.046029136] AP MAC=9c:53:22:e6:e9:6b MAC SRC=10:3f:44:42:39:d7  IP SRC=192.168.88.140 IP DST=8.8.4.4 IP proto=6 SPT=53522 DPT=443
[1725368040.446030604] AP MAC=9c:53:22:e6:e9:6b MAC SRC=10:3f:44:42:39:d7  IP SRC=192.168.88.140 IP DST=8.8.4.4 IP proto=6 SPT=53526 DPT=443
[1725368042.190033086] AP MAC=9c:53:22:e6:e9:6b MAC SRC=10:3f:44:42:39:d7  IP SRC=192.168.88.140 IP DST=142.250.195.106 IP proto=6 SPT=46720 DPT=443
Sep  3 18:49:25 202.133.48.2 [1725369563.182181069] AP MAC=9c:53:22:e6:e9:6b MAC SRC=00:45:e2:64:c9:cd  IP SRC=192.168.88.5 IP DST=163.70.139.60 IP proto=6 SPT=49198 DPT=443
[1725369563.342486869] AP MAC=9c:53:22:e6:e9:6b MAC SRC=00:45:e2:64:c9:cd  IP SRC=192.168.88.5 IP DST=139.84.154.95 IP proto=6 SPT=49292 DPT=8043
[1725369563.342486869] AP MAC=9c:53:22:e6:e9:6b MAC SRC=00:45:e2:64:c9:cd  IP SRC=192.168.88.5 IP DST=139.84.154.95 IP proto=6 SPT=49290 DPT=8043
[1725369563.778030333] AP MAC=9c:53:22:e6:e9:6b MAC SRC=10:3f:44:42:39:d7  IP SRC=192.168.88.140 IP DST=162.247.241.14 IP proto=6 SPT=47628 DPT=443
[1725369564.434852673] AP MAC=9c:53:22:e6:e9:6b MAC SRC=00:45:e2:64:c9:cd  IP SRC=192.168.88.5 IP DST=142.250.182.74 IP proto=6 SPT=49288 DPT=443
[1725369564.514640643] AP MAC=9c:53:22:e6:e9:6b MAC SRC=00:45:e2:64:c9:cd  IP SRC=192.168.88.5 IP DST=142.250.182.74 IP proto=6 SPT=49288 DPT=443
Sep  3 18:50:15 202.133.48.2 [1725369611.406048247] AP MAC=9c:53:22:e6:e9:6b MAC SRC=10:3f:44:42:39:d7  IP SRC=192.168.88.140 IP DST=106.200.65.8 IP proto=17 SPT=14500 DPT=4500
Sep  3 18:50:25 202.133.48.2 [1725369620.326349029] AP MAC=9c:53:22:e6:e9:6b MAC SRC=00:45:e2:64:c9:cd  IP SRC=192.168.88.5 IP DST=52.35.150.14 IP proto=6 SPT=49298 DPT=443
[1725369620.531135842] AP MAC=9c:53:22:e6:e9:6b MAC SRC=00:45:e2:64:c9:cd  IP SRC=192.168.88.5 IP DST=202.133.52.72 IP proto=6 SPT=49208 DPT=80
[1725369620.560117276] AP MAC=9c:53:22:e6:e9:6b MAC SRC=00:45:e2:64:c9:cd  IP SRC=192.168.88.5 IP DST=202.133.52.72 IP proto=6 SPT=49208 DPT=80
[1725369621.366250250] AP MAC=9c:53:22:e6:e9:6b MAC SRC=10:3f:44:42:39:d7  IP SRC=192.168.88.140 IP DST=20.157.85.187 IP proto=6 SPT=38302 DPT=80
[1725369624.084362686] AP MAC=9c:53:22:e6:e9:6b MAC SRC=00:45:e2:64:c9:cd  IP SRC=192.168.88.5 IP DST=52.35.150.14 IP proto=6 SPT=49297 DPT=443
[1725369624.334363851] AP MAC=9c:53:22:e6:e9:6b MAC SRC=00:45:e2:64:c9:cd  IP SRC=192.168.88.5 IP DST=52.35.150.14 IP proto=6 SPT=49298 DPT=443
Sep  3 18:51:40 202.133.48.2 [1725369696.460056421] AP MAC=9c:53:22:e6:e9:6b MAC SRC=10:3f:44:42:39:d7  IP SRC=192.168.88.140 IP DST=49.44.59.14 IP proto=17 SPT=14500 DPT=4500
[1725369699.214031451] AP MAC=9c:53:22:e6:e9:6b MAC SRC=10:3f:44:42:39:d7  IP SRC=192.168.88.140 IP DST=20.157.85.187 IP proto=6 SPT=38330 DPT=80
[1725369699.230029796] AP MAC=9c:53:22:e6:e9:6b MAC SRC=00:45:e2:64:c9:cd  IP SRC=192.168.88.5 IP DST=163.70.139.60 IP proto=6 SPT=49198 DPT=443
[1725369699.518029139] AP MAC=9c:53:22:e6:e9:6b MAC SRC=00:45:e2:64:c9:cd  IP SRC=192.168.88.5 IP DST=163.70.139.60 IP proto=6 SPT=49198 DPT=443

 

Recommended Solution
  0  
  0  
#3
Options
2 Reply
Re:Syslog Generate Well But Destination IP not showing
2 weeks ago - last edited 2 weeks ago

  @RajeshRouthu 

Where is your server? Is it on the Public? Does the DST IP in the log relate to the Gateway's LAN or WAN IP? If the Syslog connects to this Gateway? Do you enable the Client Details Log? You can try disabling it; the log will appear in another format.

 

 

 

 

Best Regards! >> Omada EAP Firmware Trial Available Here << >> Get the Latest Omada SDN Controller Releases Here << *Try filtering posts on each forum by Label of [Early Access]*
  0  
  0  
#2
Options
Re:Syslog Generate Well But Destination IP not showing-Solution
2 weeks ago - last edited 2 weeks ago

  @RajeshRouthu After Restarting the omada the log display properly and also showing dst ip too., if i disable the client log features i am unable to get the data

 

Sep  3 18:24:03 202.133.48.2 [1725368038.846029317] AP MAC=9c:53:22:e6:e9:6b MAC SRC=10:3f:44:42:39:d7  IP SRC=192.168.88.140 IP DST=142.250.195.195 IP proto=6 SPT=35932 DPT=443
[1725368038.846029317] AP MAC=9c:53:22:e6:e9:6b MAC SRC=10:3f:44:42:39:d7  IP SRC=192.168.88.140 IP DST=8.8.4.4 IP proto=6 SPT=53522 DPT=443
[1725368039.882029310] AP MAC=9c:53:22:e6:e9:6b MAC SRC=10:3f:44:42:39:d7  IP SRC=192.168.88.140 IP DST=8.8.8.8 IP proto=6 SPT=44524 DPT=443
[1725368040.034029983] AP MAC=9c:53:22:e6:e9:6b MAC SRC=10:3f:44:42:39:d7  IP SRC=192.168.88.140 IP DST=8.8.8.8 IP proto=6 SPT=44522 DPT=443
[1725368040.046029136] AP MAC=9c:53:22:e6:e9:6b MAC SRC=10:3f:44:42:39:d7  IP SRC=192.168.88.140 IP DST=8.8.4.4 IP proto=6 SPT=53522 DPT=443
[1725368040.046029136] AP MAC=9c:53:22:e6:e9:6b MAC SRC=10:3f:44:42:39:d7  IP SRC=192.168.88.140 IP DST=142.250.195.195 IP proto=6 SPT=35932 DPT=443
[1725368040.046029136] AP MAC=9c:53:22:e6:e9:6b MAC SRC=10:3f:44:42:39:d7  IP SRC=192.168.88.140 IP DST=8.8.4.4 IP proto=6 SPT=53522 DPT=443
[1725368040.446030604] AP MAC=9c:53:22:e6:e9:6b MAC SRC=10:3f:44:42:39:d7  IP SRC=192.168.88.140 IP DST=8.8.4.4 IP proto=6 SPT=53526 DPT=443
[1725368042.190033086] AP MAC=9c:53:22:e6:e9:6b MAC SRC=10:3f:44:42:39:d7  IP SRC=192.168.88.140 IP DST=142.250.195.106 IP proto=6 SPT=46720 DPT=443
Sep  3 18:49:25 202.133.48.2 [1725369563.182181069] AP MAC=9c:53:22:e6:e9:6b MAC SRC=00:45:e2:64:c9:cd  IP SRC=192.168.88.5 IP DST=163.70.139.60 IP proto=6 SPT=49198 DPT=443
[1725369563.342486869] AP MAC=9c:53:22:e6:e9:6b MAC SRC=00:45:e2:64:c9:cd  IP SRC=192.168.88.5 IP DST=139.84.154.95 IP proto=6 SPT=49292 DPT=8043
[1725369563.342486869] AP MAC=9c:53:22:e6:e9:6b MAC SRC=00:45:e2:64:c9:cd  IP SRC=192.168.88.5 IP DST=139.84.154.95 IP proto=6 SPT=49290 DPT=8043
[1725369563.778030333] AP MAC=9c:53:22:e6:e9:6b MAC SRC=10:3f:44:42:39:d7  IP SRC=192.168.88.140 IP DST=162.247.241.14 IP proto=6 SPT=47628 DPT=443
[1725369564.434852673] AP MAC=9c:53:22:e6:e9:6b MAC SRC=00:45:e2:64:c9:cd  IP SRC=192.168.88.5 IP DST=142.250.182.74 IP proto=6 SPT=49288 DPT=443
[1725369564.514640643] AP MAC=9c:53:22:e6:e9:6b MAC SRC=00:45:e2:64:c9:cd  IP SRC=192.168.88.5 IP DST=142.250.182.74 IP proto=6 SPT=49288 DPT=443
Sep  3 18:50:15 202.133.48.2 [1725369611.406048247] AP MAC=9c:53:22:e6:e9:6b MAC SRC=10:3f:44:42:39:d7  IP SRC=192.168.88.140 IP DST=106.200.65.8 IP proto=17 SPT=14500 DPT=4500
Sep  3 18:50:25 202.133.48.2 [1725369620.326349029] AP MAC=9c:53:22:e6:e9:6b MAC SRC=00:45:e2:64:c9:cd  IP SRC=192.168.88.5 IP DST=52.35.150.14 IP proto=6 SPT=49298 DPT=443
[1725369620.531135842] AP MAC=9c:53:22:e6:e9:6b MAC SRC=00:45:e2:64:c9:cd  IP SRC=192.168.88.5 IP DST=202.133.52.72 IP proto=6 SPT=49208 DPT=80
[1725369620.560117276] AP MAC=9c:53:22:e6:e9:6b MAC SRC=00:45:e2:64:c9:cd  IP SRC=192.168.88.5 IP DST=202.133.52.72 IP proto=6 SPT=49208 DPT=80
[1725369621.366250250] AP MAC=9c:53:22:e6:e9:6b MAC SRC=10:3f:44:42:39:d7  IP SRC=192.168.88.140 IP DST=20.157.85.187 IP proto=6 SPT=38302 DPT=80
[1725369624.084362686] AP MAC=9c:53:22:e6:e9:6b MAC SRC=00:45:e2:64:c9:cd  IP SRC=192.168.88.5 IP DST=52.35.150.14 IP proto=6 SPT=49297 DPT=443
[1725369624.334363851] AP MAC=9c:53:22:e6:e9:6b MAC SRC=00:45:e2:64:c9:cd  IP SRC=192.168.88.5 IP DST=52.35.150.14 IP proto=6 SPT=49298 DPT=443
Sep  3 18:51:40 202.133.48.2 [1725369696.460056421] AP MAC=9c:53:22:e6:e9:6b MAC SRC=10:3f:44:42:39:d7  IP SRC=192.168.88.140 IP DST=49.44.59.14 IP proto=17 SPT=14500 DPT=4500
[1725369699.214031451] AP MAC=9c:53:22:e6:e9:6b MAC SRC=10:3f:44:42:39:d7  IP SRC=192.168.88.140 IP DST=20.157.85.187 IP proto=6 SPT=38330 DPT=80
[1725369699.230029796] AP MAC=9c:53:22:e6:e9:6b MAC SRC=00:45:e2:64:c9:cd  IP SRC=192.168.88.5 IP DST=163.70.139.60 IP proto=6 SPT=49198 DPT=443
[1725369699.518029139] AP MAC=9c:53:22:e6:e9:6b MAC SRC=00:45:e2:64:c9:cd  IP SRC=192.168.88.5 IP DST=163.70.139.60 IP proto=6 SPT=49198 DPT=443

 

Recommended Solution
  0  
  0  
#3
Options

Information

Helpful: 0

Views: 83

Replies: 2

Tags

Logs
Related Articles
ER605 Reply from <IP>: Destination host unreachable
1179 0
ACL with Source IP and Port to Destination IP and Port between VLANs
694 0
V5.8.4 AI WLAN Optimization breaks IP address assignment for a number of devices
805 1
Locations for Omada SYSLOG options - Finding Logging Levels
1894 2
Syslog access point
315 0
Policy-based routing for destination (internet) IP
1282 0
About Us
Press
Copyright © TP-Link Systems Inc. All rights reserved.