Ubuntu - Testing Syslog Connection with Tcpdump and Logger

It is very easy to send a syslog test message to a syslog server using logger and to check the connection between syslog client and server with tcpdump.

Testing the syslog client and server

I run the following on the CLI of my Ubuntu VM. Listen for incoming connections with tcpdump:

sudo tcpdump -i any dst port 6514

In this case, I’m listening to port 6514 (UDP) on my docker host because I ran this test with an installation of the Telegraf Syslog Receiver plugin.

Now open another session and send a syslog message with logger:

logger -n IP -d -P 6514 test

Replace the following:

The IP address of your Syslog server. In my case it is the IP address of the docker host which is running Telegraf

This is the message

Now tcpdump should see an incoming connection and the syslog server should have received the message as well. If not then there is probably a problem with the syslog server configuration.

Read other notes


    No comments found for this note.

    Join the discussion for this note on this ticket. Comments appear on this page instantly.


    Notes mentioning this note

    Notes Graph