[syslog-ng]test tool: split/forward syslog from production old-syslogd to syslog-ng?

[David Carmean]

I'm trying to figure out how to configure/test a new syslog-ng 
system without disrupting my current old-style syslogd on a Solaris 
central logserver.

The challenges are: preserving level/facility and perserving the originating 
host IP/name; thus a simple "*.debug	@newserver" doesn't work.

I *think* I can come up with a perl script to take nc (netcat) -l -v output, 
re-write the messages to contain the original hostname, and use netcat again 
to forward it off to the new server under development.  e.g.:

    > sudo ./nc -l -u -p 514 -v
    listening on [any] 514 ...
    connect to [172.19.248.122] from eponymous.lab.netapp.com [172.19.248.40] 3357
    <0>foofdsasdfasdf

and rewrite that to

    <0>${timedate} 172.19.248.40 foofdsasdfasdf

and ship it off.

But I was wondering if anyone had already built such a tool....?