[prev in list] [next in list] [prev in thread] [next in thread] 

List:       syslog-ng
Subject:    Re: [syslog-ng] netcat tests
From:       Eric Benoit <eric.r.benoit () gmail ! com>
Date:       2018-06-06 9:49:01
Message-ID: CABzb+M1ZCv60yFdZvUobgn2MD-Zx-+VXQvHcuSfBXOk03DHnVA () mail ! gmail ! com
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


Thank you.  It does look like it is listening:
udp        0      0 0.0.0.0:514             0.0.0.0:*
     root       2472217    57/syslog-ng

Looks like I have to go back to iptables again.







On Wed, Jun 6, 2018 at 5:27 AM, Scheidler, Balázs <
balazs.scheidler@balabit.com> wrote:

> It can potentially misparse some if the fields but the intended operation
> if syslog-ng is that if it receives a message it will do its best to
> deliver one as well.
>
> You should probably check firewall settings, that might be blocking
> packets, and also make sure syslog-ng is actually listening on port 514.
>
> On Jun 6, 2018 10:24, "Eric Benoit" <eric.r.benoit@gmail.com> wrote:
>
>> Hi List,
>>
>> I wanted to send a test message to my syslog-ng server.
>>
>> I tried this:
>>
>> > echo -n "test message" | nc -4u -w1 192.168.100.10 514
>>
>> But I saw no logs created on the syslog-ng server.
>>
>> I did see the udp package on wireshark.
>>
>> Will syslog-ng except my test message the way I have it formatted and log
>> it, does my message need to be formatted in a specific way for syslog-ng to
>> except and create a log?
>>
>> Also, should I change syslog-ng to TCP instead of UDP to better trouble
>> shoot any network problems I might have pending my netcat test message
>> looks ok for syslog-ng server to except and log?
>>
>> I'm not very good at articulating questions, so I hope what I wrote makes
>> sense if it does not please let me know and I will spend some more time
>> rephrasing my questions.
>>
>> Thank you for any suggestions or comments
>>
>> ____________________________________________________________
>> __________________
>> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
>> Documentation: http://www.balabit.com/support/documentation/?product=
>> syslog-ng
>> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>>
>>
>>
> ____________________________________________________________
> __________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation: http://www.balabit.com/support/documentation/?
> product=syslog-ng
> FAQ: http://www.balabit.com/wiki/syslog-ng-faq
>
>
>

[Attachment #5 (text/html)]

<div dir="ltr"><div>Thank you.   It does look like it is listening:</div><div><span \
style="font-size:small;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">udp \
0         0 <a href="http://0.0.0.0:514">0.0.0.0:514</a>                    0.0.0.0:* \
root           2472217      57/syslog-ng</span><br></div><div><br></div><div>Looks \
like I have to go back to iptables again.</div><div><br></div><div><br></div><div>    \
</div><div><br></div><div><br></div><div><br></div></div><div \
class="gmail_extra"><br><div class="gmail_quote">On Wed, Jun 6, 2018 at 5:27 AM, \
Scheidler, Balázs <span dir="ltr">&lt;<a href="mailto:balazs.scheidler@balabit.com" \
target="_blank">balazs.scheidler@balabit.com</a>&gt;</span> wrote:<br><blockquote \
class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex"><div dir="auto">It can potentially misparse some if the \
fields but the intended operation if syslog-ng is that if it receives a message it \
will do its best to deliver one as well.<div dir="auto"><br></div><div dir="auto">You \
should probably check firewall settings, that might be blocking packets, and also \
make sure syslog-ng is actually listening on port 514.</div></div><div \
class="gmail_extra"><br><div class="gmail_quote"><div><div class="h5">On Jun 6, 2018 \
10:24, &quot;Eric Benoit&quot; &lt;<a href="mailto:eric.r.benoit@gmail.com" \
target="_blank">eric.r.benoit@gmail.com</a>&gt; wrote:<br \
type="attribution"></div></div><blockquote class="gmail_quote" style="margin:0 0 0 \
.8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div class="h5"><div \
dir="ltr">Hi List,<div><br></div><div>I wanted to send a test message to my syslog-ng \
server.</div><div><br></div><div>I tried this:</div><div><br></div><div>&gt; echo -n \
&quot;test message&quot; | nc -4u -w1 192.168.100.10 \
514<br></div><div><br></div><div>But I saw no logs created on the syslog-ng \
server.</div><div><br></div><div>I did see the udp package on \
wireshark.</div><div><br></div><div>Will syslog-ng except my test message the way I \
have it formatted and log it, does my message need to be formatted in a specific way \
for syslog-ng to except and create a log?</div><div><br></div><div>Also, should I \
change syslog-ng to TCP instead of UDP to better trouble shoot any network problems I \
might have pending my netcat test message looks ok for syslog-ng server to except and \
log?</div><div><br></div><div>I&#39;m not very good at articulating questions, so I \
hope what I wrote makes sense if it does not please let me know and I will spend some \
more time rephrasing my questions.</div><div><br></div><div>Thank you for any \
suggestions or comments</div></div> \
<br></div></div>______________________________<wbr>______________________________<wbr>__________________<br>
 Member info: <a href="https://lists.balabit.hu/mailman/listinfo/syslog-ng" \
rel="noreferrer" target="_blank">https://lists.balabit.hu/mailm<wbr>an/listinfo/syslog-ng</a><br>
                
Documentation: <a href="http://www.balabit.com/support/documentation/?product=syslog-ng" \
rel="noreferrer" target="_blank">http://www.balabit.com/support<wbr>/documentation/?product=<wbr>syslog-ng</a><br>
                
FAQ: <a href="http://www.balabit.com/wiki/syslog-ng-faq" rel="noreferrer" \
target="_blank">http://www.balabit.com/wiki/sy<wbr>slog-ng-faq</a><br> <br>
<br></blockquote></div></div>
<br>______________________________<wbr>______________________________<wbr>__________________<br>
 Member info: <a href="https://lists.balabit.hu/mailman/listinfo/syslog-ng" \
rel="noreferrer" target="_blank">https://lists.balabit.hu/<wbr>mailman/listinfo/syslog-ng</a><br>
                
Documentation: <a href="http://www.balabit.com/support/documentation/?product=syslog-ng" \
rel="noreferrer" target="_blank">http://www.balabit.com/<wbr>support/documentation/?<wbr>product=syslog-ng</a><br>
                
FAQ: <a href="http://www.balabit.com/wiki/syslog-ng-faq" rel="noreferrer" \
target="_blank">http://www.balabit.com/wiki/<wbr>syslog-ng-faq</a><br> <br>
<br></blockquote></div><br></div>


[Attachment #6 (text/plain)]

______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.balabit.com/wiki/syslog-ng-faq



[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic