[syslog-ng] Tool to determine facility and severity from syslog packets

Justin Shore justin.shore at sktbcs.com
Tue Dec 5 04:55:20 CET 2006


Does anyone know of a tool to read the facility and severity info from
inbound syslog packets?  I have a number of devices that are sending me
syslog info and I can't determine what facility they're using.  These
devices can't be set to use specific facilities unfortunately.  It would
be ideal if I could read the data out of a raw dump from tcpdump or at
least be able to bind it to 514/udp and prepend facility/severity info
on each log line.  

Along the same lines it would be sweet if there was a way to rewrite the
facility information in inbound syslog packets (based on source IP)
before passing them to your favorite syslog server.  This would be ideal
for occasions such as this.

Any info would be greatly appreciated.  Thanks

Justin
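
Added example (not part of the original post and not syslog-ng code): the facility and severity asked about above are packed into the <PRI> number that opens each datagram, as PRI = facility * 8 + severity (RFC 3164). The Python sketch below decodes it, prepends facility.severity to the line, and rewrites the facility by source IP before relaying. The function names, the source map, the sample datagram and the forward address 127.0.0.1:5514 are assumptions made for illustration.

```python
import re
import socket

# RFC 3164 facility codes 0-23; names for 12-15 vary between platforms.
FACILITIES = ("kern user mail daemon auth syslog lpr news uucp cron authpriv ftp "
              "ntp audit alert clock local0 local1 local2 local3 local4 local5 "
              "local6 local7").split()
SEVERITIES = "emerg alert crit err warning notice info debug".split()
PRI_RE = re.compile(rb"^<(\d{1,3})>")

def split_pri(payload):
    """Return (facility, severity, rest) for one raw syslog datagram."""
    m = PRI_RE.match(payload)
    if m and int(m.group(1)) <= 191:          # 23 * 8 + 7 is the highest valid PRI
        pri = int(m.group(1))
        return pri >> 3, pri & 7, payload[m.end():]
    # RFC 3164 relay rule: a missing or unreadable PRI is treated as 13 (user.notice)
    return 1, 5, payload

def annotate(payload):
    """Prepend 'facility.severity ' to the message, dropping the numeric PRI."""
    fac, sev, rest = split_pri(payload)
    return f"{FACILITIES[fac]}.{SEVERITIES[sev]} ".encode() + rest

def rewrite_facility(payload, src_ip, facility_by_source):
    """Replace the facility for known senders; severity is preserved."""
    fac, sev, rest = split_pri(payload)
    if src_ip in facility_by_source:
        fac = FACILITIES.index(facility_by_source[src_ip])
    return b"<%d>" % (fac * 8 + sev) + rest

# Constructed sample datagram and source map (documentation addresses).
SAMPLE = b"<189>Dec  5 04:55:20 router1 %SYS-5-CONFIG_I: constructed sample"
SOURCE_MAP = {"192.0.2.10": "local3"}

def serve(listen=("0.0.0.0", 514), forward=("127.0.0.1", 5514)):
    """Print annotated lines and relay rewritten datagrams (514/udp needs root)."""
    rx = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    tx = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    rx.bind(listen)
    while True:
        data, (ip, _port) = rx.recvfrom(8192)
        print(ip, annotate(data).decode(errors="replace"))
        tx.sendto(rewrite_facility(data, ip, SOURCE_MAP), forward)

if __name__ == "__main__":
    print(annotate(SAMPLE).decode())
    print(rewrite_facility(SAMPLE, "192.0.2.10", SOURCE_MAP).decode())
```

The same split_pri() can be applied to UDP payloads extracted from a tcpdump capture, since it only needs the raw message bytes.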

