[syslog-ng] Tool to determine facility and severity from syslog packets
Heiko Blume
Heiko at Blume.AG
Tue Dec 5 10:32:19 CET 2006
probably with the sniffer from ethereal.com
regards, hb
> Does anyone know of a tool to read the facility and severity info from
> inbound syslog packets? I have a number of devices that are sending me
> syslog info and I can't determine what facility they're using. These
> devices can't be set to use specific facilities unfortunately. It would
> be ideal if I could read the data out of a raw dump from tcpdump or at
> least be able to bind it to 514/udp and prepend facility/severity info
> on each log line.
>
> Along the same lines it would be sweet if there was a way to rewrite the
> facility information in inbound syslog packets (based on source IP)
> before passing them to your favorite syslog server. This would be ideal
> for occasions such as this.
>
> Any info would be greatly appreciated. Thanks
>
> Justin
--
Heiko at Blume.AG
Cisco Certified Network Professional
Cisco Certified Design Professional
Juniper Certified Internet Specialist
SUN Certified System Administrator
Office: +49.30/4426309
FAX: +49.30/48494354
Mobile: +49.178/6662342
www: http://www.blume.ag/IT/
PHY: Knaackstrasse 6, 10405 Berlin, DE
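
Added example, not part of the original thread: the facility and severity asked about above travel in the PRI field at the start of each syslog datagram (RFC 3164), where PRI = facility * 8 + severity. The Python below decodes that field and prepends source, facility and severity to each line; the sample datagrams, source IPs and the short labels for facilities 12 to 15 are assumptions made for illustration.

```python
import re

# Names indexed by numeric code (RFC 3164). Codes 12-15 use short labels
# chosen here for the RFC's "NTP", "log audit", "log alert", "clock daemon".
FACILITIES = [
    "kern", "user", "mail", "daemon", "auth", "syslog", "lpr", "news",
    "uucp", "cron", "authpriv", "ftp", "ntp", "audit", "alert", "clock",
    "local0", "local1", "local2", "local3",
    "local4", "local5", "local6", "local7",
]
SEVERITIES = ["emerg", "alert", "crit", "err",
              "warning", "notice", "info", "debug"]

# PRI is "<", one to three decimal digits, ">" at the very start of the payload.
PRI_RE = re.compile(rb"^<(\d{1,3})>")

def decode_pri(payload: bytes):
    """Return (facility, severity, rest) or None if there is no valid PRI."""
    m = PRI_RE.match(payload)
    if not m:
        return None
    pri = int(m.group(1))
    if pri > 191:  # 23 * 8 + 7 is the largest defined value
        return None
    facility, severity = divmod(pri, 8)
    return FACILITIES[facility], SEVERITIES[severity], payload[m.end():]

def annotate(payload: bytes, source_ip: str) -> str:
    """Prepend source IP and facility.severity to one received message."""
    decoded = decode_pri(payload)
    if decoded is None:
        # Devices that omit PRI are flagged rather than guessed at.
        tag, rest = "unknown.unknown", payload
    else:
        tag, rest = f"{decoded[0]}.{decoded[1]}", decoded[2]
    text = rest.decode("utf-8", errors="replace").rstrip("\r\n")
    return f"{source_ip} {tag} {text}"

# Constructed sample datagrams (payload, source IP); not real captures.
SAMPLES = [
    (b"<189>Dec  5 10:32:19 router1 %LINK-5-CHANGED: Interface up", "192.0.2.10"),
    (b"<34>Dec  5 10:32:20 host1 su: 'su root' failed", "192.0.2.11"),
    (b"no priority field here", "192.0.2.12"),
]

if __name__ == "__main__":
    for payload, ip in SAMPLES:
        print(annotate(payload, ip))
```

The same `annotate` call can be applied to each payload read from a UDP socket or extracted from a packet capture, using the datagram's source address as `source_ip`.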