probably with the sniffer from ethereal.com

regards, hb
Does anyone know of a tool to read the facility and severity info from inbound syslog packets? I have a number of devices that are sending me syslog info and I can't determine what facility they're using. These devices can't be set to use specific facilities unfortunately. It would be ideal if I could read the data out of a raw dump from tcpdump or at least be able to bind it to 514/udp and prepend facility/severity info on each log line.
Along the same lines it would be sweet if there was a way to rewrite the facility information in inbound syslog packets (based on source IP) before passing them to your favorite syslog server. This would be ideal for occasions such as this.
Any info would be greatly appreciated. Thanks
Justin
-- Heiko@Blume.AG Cisco Certified Network Professional Cisco Certified Design Professional Juniper Certified Internet Specialist SUN Certified System Administrator Office: +49.30/4426309 FAX: +49.30/48494354 Mobile: +49.178/6662342 www: http://www.blume.ag/IT/ PHY: Knaackstrasse 6, 10405 Berlin, DE
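What the question asks for can be done by decoding the `<PRI>` field at the start of each syslog datagram, where PRI = facility * 8 + severity (RFC 3164). The following is an added example, not part of the original thread; the function names, sample payloads and IP-to-facility map are constructed for illustration.

```python
import re
import socket

# Facility and severity names in numeric order, per RFC 3164.
FACILITIES = ["kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
              "uucp", "cron", "authpriv", "ftp", "ntp", "audit", "alert", "clock",
              "local0", "local1", "local2", "local3",
              "local4", "local5", "local6", "local7"]
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
PRI_RE = re.compile(rb"^<(\d{1,3})>")

def split_pri(payload):
    """Return (pri, rest) for a datagram, or (None, payload) if PRI is absent/invalid."""
    m = PRI_RE.match(payload)
    if not m or int(m.group(1)) > 191:      # 23 * 8 + 7 is the largest legal PRI
        return None, payload
    return int(m.group(1)), payload[m.end():]

def decode_pri(payload):
    """Return (facility, severity, message) for one syslog datagram payload."""
    pri, rest = split_pri(payload)
    if pri is None:
        return None, None, rest
    return FACILITIES[pri >> 3], SEVERITIES[pri & 7], rest

def annotate(payload):
    """Prepend 'facility.severity' to the log line ('nopri' when no PRI was sent)."""
    fac, sev, msg = decode_pri(payload)
    tag = f"{fac}.{sev}" if fac else "nopri"
    return f"{tag} {msg.decode('utf-8', 'replace').rstrip()}"

def rewrite_facility(payload, src_ip, facility_by_ip):
    """Swap the facility based on source IP, keeping the sender's severity."""
    pri, rest = split_pri(payload)
    if pri is None or src_ip not in facility_by_ip:
        return payload
    new_pri = FACILITIES.index(facility_by_ip[src_ip]) * 8 + (pri & 7)
    return b"<%d>" % new_pri + rest

def listen(host="0.0.0.0", port=514):
    """Bind to 514/udp (needs root) and print each line with its decoded PRI."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind((host, port))
    while True:
        data, (ip, _) = sock.recvfrom(8192)
        print(ip, annotate(data))

if __name__ == "__main__":
    sample = b"<189>Oct 11 22:14:15 rtr1 %SYS-5-CONFIG_I: configured\n"  # constructed
    print(annotate(sample))
    print(rewrite_facility(sample, "192.0.2.10", {"192.0.2.10": "local3"}))
```

The same `decode_pri` call works on UDP payloads extracted from a tcpdump capture, since the PRI is the first bytes of the datagram body.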