Hi List, I wanted to send a test message to my syslog-ng server. I tried this:
echo -n "test message" | nc -4u -w1 192.168.100.10 514
But I saw no logs created on the syslog-ng server. I did see the udp package on wireshark. Will syslog-ng except my test message the way I have it formatted and log it, does my message need to be formatted in a specific way for syslog-ng to except and create a log? Also, should I change syslog-ng to TCP instead of UDP to better trouble shoot any network problems I might have pending my netcat test message looks ok for syslog-ng server to except and log? I'm not very good at articulating questions, so I hope what I wrote makes sense if it does not please let me know and I will spend some more time rephrasing my questions. Thank you for any suggestions or comments
It can potentially misparse some if the fields but the intended operation if syslog-ng is that if it receives a message it will do its best to deliver one as well. You should probably check firewall settings, that might be blocking packets, and also make sure syslog-ng is actually listening on port 514. On Jun 6, 2018 10:24, "Eric Benoit" <eric.r.benoit@gmail.com> wrote:
Hi List,
I wanted to send a test message to my syslog-ng server.
I tried this:
echo -n "test message" | nc -4u -w1 192.168.100.10 514
But I saw no logs created on the syslog-ng server.
I did see the udp package on wireshark.
Will syslog-ng except my test message the way I have it formatted and log it, does my message need to be formatted in a specific way for syslog-ng to except and create a log?
Also, should I change syslog-ng to TCP instead of UDP to better trouble shoot any network problems I might have pending my netcat test message looks ok for syslog-ng server to except and log?
I'm not very good at articulating questions, so I hope what I wrote makes sense if it does not please let me know and I will spend some more time rephrasing my questions.
Thank you for any suggestions or comments
____________________________________________________________ __________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/? product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq
Thank you. It does look like it is listening: udp 0 0 0.0.0.0:514 0.0.0.0:* root 2472217 57/syslog-ng Looks like I have to go back to iptables again. On Wed, Jun 6, 2018 at 5:27 AM, Scheidler, Balázs < balazs.scheidler@balabit.com> wrote:
It can potentially misparse some if the fields but the intended operation if syslog-ng is that if it receives a message it will do its best to deliver one as well.
You should probably check firewall settings, that might be blocking packets, and also make sure syslog-ng is actually listening on port 514.
On Jun 6, 2018 10:24, "Eric Benoit" <eric.r.benoit@gmail.com> wrote:
Hi List,
I wanted to send a test message to my syslog-ng server.
I tried this:
echo -n "test message" | nc -4u -w1 192.168.100.10 514
But I saw no logs created on the syslog-ng server.
I did see the udp package on wireshark.
Will syslog-ng except my test message the way I have it formatted and log it, does my message need to be formatted in a specific way for syslog-ng to except and create a log?
Also, should I change syslog-ng to TCP instead of UDP to better trouble shoot any network problems I might have pending my netcat test message looks ok for syslog-ng server to except and log?
I'm not very good at articulating questions, so I hope what I wrote makes sense if it does not please let me know and I will spend some more time rephrasing my questions.
Thank you for any suggestions or comments
____________________________________________________________ __________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/?product= syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq
____________________________________________________________ __________________ Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng Documentation: http://www.balabit.com/support/documentation/? product=syslog-ng FAQ: http://www.balabit.com/wiki/syslog-ng-faq
participants (2)
-
Eric Benoit
-
Scheidler, Balázs