I want to troubleshoot logstash server issue and need to generate syslog message from time to time. Is there a simple way that allows me to connect to a syslog server using TCP and send some arbitrary syslog messages?
Asked
Active
Viewed 3.3k times
1 Answers
11
Netcat
Send each line of file.log towards syslog server 127.0.0.1 on port 514
nc -q0 127.0.0.1 514 < file.log
Send a simple string that will generate a single log entry:
echo "message" | nc -q0 127.0.0.1 514
-q0 makes nc exit after sending:
-q seconds after EOF on stdin, wait the specified number of seconds and then quit.
Tcpflood
The tcpflood utility has quite a lot of useful options. Below is a small subset of tcpflood options:
-t target address (default 127.0.0.1)
-p target port (default 13514)
-c number of connections (default 1)
-m number of messages to send (connection is random)
-M the message to be sent. Disables all message format options, as only that exact same message is sent.
-I read specified input file, do NOT generate own test data. The test completes when eof is reached.
-D randomly drop and re-establish connections. Useful for stress-testing the TCP receiver.
-T transport to use. Currently supported: "udp", "tcp" (default) Note: UDP supports a single target port, only
Gohu
- 924
- 1
- 7
- 16
-
You may add [Nping](https://nmap.org/nping/) to generate that TCP packets. – Biswapriyo Jul 14 '17 at 03:10
-
Thank you! I didn't realize syslog protocol is so simple. Even telnet works! – some user Jul 14 '17 at 03:49
-
3Not sure if this has to be edited, i have nmap-ncat package and its `--send-only` versus `-q0` – Dusan Gligoric Sep 20 '19 at 12:26