Generating test syslog messages from the command line on a Linux machine
search cancel

Generating test syslog messages from the command line on a Linux machine

book

Article ID: 251527

calendar_today

Updated On:

Products

CA Identity Suite

Issue/Introduction

When troubleshooting the syslog performance and connectivity it is helpful to be able to generate test syslog messages and send them to another host to insure that syslog is functioning correctly.

Some third-party utilities have been used to generate test syslog messages in the past but these utilities are not necessary as CentOS (and most other Linux distros) can generate test syslog messages natively.

Environment

Release : 14.3

Component :

Cause

How to Configure and Verify Log Forwarding on vApp:
https://knowledge.broadcom.com/external/article/138132/how-to-configure-and-verify-log-forwardi.html

After following the steps mentioned in the above KB article, logs are still not generated.

Resolution

Follow the steps below to generate and send syslog messages to a syslog server.
1. Logon to the machine you wish to test.
2. Test UDP syslog messages on port 514 with the following command:
 echo "<14>Test UDP syslog message" >> /dev/udp/<target_hostname_or_ip_address>/514
3. Test TCP syslog messages on port 514 with the following command:
 echo "<14>Test TCP syslog message" >> /dev/tcp/<target_hostname_or_ip_address>/514
4. Logon to the syslog server and verify that the test messages have been received.

Additional Information

Consider trying various syslog "keyword" indicators in the strings passed in tests.  These examples use only "<14>" but other values are possible.  

It is necessary to use a "keyword" or the syslog will not be processed, but will be recorded into /var/log/messages on the target Log Decoder.  

An example of such a logged event is listed below:

Oct 15 19:20:22 LOGDECODER01 nw[5178]: [SYSLOG] [warning] Unidentified content from 10.1.1.1
received on receiver: 'no keyword test TCP syslog from CentOS Host'
Oct 15 19:20:23 LOGDECODER01 nw[5178]: [SYSLOG] [warning] Unidentified content from 10.1.1.1
received on receiver: 'no keyword test TCP syslog from CentOS Host'