Ubuntu - Testing Syslog Connection with Tcpdump and Logger


It is very easy to send a syslog test message to a syslog server using logger and to check the connection between syslog client and server with tcpdump.

Testing the syslog client and server

I ran the following on the CLI of my Ubuntu VM. First, capture incoming packets with tcpdump:

sudo tcpdump -i any dst port 6514

In this case, I’m watching port 6514 (UDP) on my Docker host because I ran this test with an installation of the Telegraf Syslog Receiver plugin. The filter itself matches both TCP and UDP packets addressed to that port.

Now open another session and send a syslog message with logger:

logger -n IP -d -P 6514 test

Replace the following:

IP
The IP address of your syslog server. In my case it is the IP address of the Docker host which is running Telegraf.

test
The message text to send.

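Now tcpdump should show the incoming packet, and the syslog server should have received the message as well. If tcpdump shows the packet but the server has no record of the message, there is probably a problem with the syslog server configuration. If tcpdump shows nothing at all, the packet never reached the host, so check the IP address, the port and any firewall in between first.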
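
When tcpdump shows the packet but the server stays silent, a throwaway receiver on the same port helps separate the two. The following is an added example, not part of the original note: a minimal UDP receiver that decodes the syslog priority header of whatever logger sends. The function names and the sample datagram are constructed for illustration, and the real receiver has to be stopped first (or another port chosen) so that the port is free.

```python
import socket

# Conventional facility/severity names, indexed by the numeric codes of RFC 5424.
FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
              "uucp", "cron", "authpriv", "ftp", "ntp", "audit", "alert", "clock"]
FACILITIES += ["local%d" % i for i in range(8)]
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

def parse_pri(datagram):
    """Split b'<PRI>rest' into (facility, severity, rest); ValueError if malformed."""
    text = datagram.decode("utf-8", errors="replace")
    end = text.find(">")
    if not text.startswith("<") or not 2 <= end <= 4 or not text[1:end].isdigit():
        raise ValueError("no syslog PRI header")
    pri = int(text[1:end])
    if pri > 191:  # highest valid value: facility 23, severity 7
        raise ValueError("PRI out of range")
    return FACILITIES[pri >> 3], SEVERITIES[pri & 7], text[end + 1:]

def receive_one(sock, timeout=5.0):
    """Wait for one datagram; return (source_ip, facility, severity, rest) or None."""
    sock.settimeout(timeout)
    try:
        data, (src, _port) = sock.recvfrom(65535)
    except socket.timeout:
        return None
    return (src,) + parse_pri(data)

def loopback_selftest():
    """Send a constructed datagram to an ephemeral loopback port and read it back."""
    rx = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    tx = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    try:
        rx.bind(("127.0.0.1", 0))
        # Constructed sample; <13> is user.notice, logger's default priority.
        tx.sendto(b"<13>1 2024-01-01T00:00:00Z testhost tester - - - test",
                  rx.getsockname())
        return receive_one(rx)
    finally:
        rx.close()
        tx.close()

if __name__ == "__main__":
    # Stand in for the syslog server on the port used in this note.
    server = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    server.bind(("0.0.0.0", 6514))
    print(receive_one(server, timeout=60.0) or "nothing received within 60 s")
```

If this receiver prints the message sent by logger, the network path is fine and the remaining problem is in the syslog server configuration.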

