How to test sending syslog messages from macOS to a syslog server using UDP port 514, TCP port 514 and SNMP Trap port 162
Using Solarwinds' Free Kiwi Syslog Server version 9.7.2.1 installed on Windows 10 as syslog/SNMPtrap server.
Run syslogd.exe
File > Setup > Inputs
Enter the syslog client/SNMPtrap agent IP address into the box (max. 5 for Free version) under Receive messages from below IP addresses and then click Apply button.
Under UDP Input Options, check the box Listen for UDP Syslog messages
Under TCP Input Options, check the box Listen for TCP Syslog messages
Under SNMP Input Options, check the box Listen for SNMP Traps
Remember to click Apply button.
Remember to turn off Windows Firewall.
Syslog server/SNMPtrap server IP address = 192.168.1.1
Open Terminal.app
Try to ping the syslog server/SNMPtrap server ip address to verify reachability.
MacBookPro2019$ nc -w0 -t 192.168.1.1 514 <<< "testing syslog tcp port 514 from my mac"
MacBookPro2019$ nc -w0 -u 192.168.1.1 514 <<< "testing syslog udp port 514 from my mac"
MacBookPro2019$ snmptrap -v 2c -c public 192.168.1.1 '' 1.3.6.1.4.1.8072.2.3.0.1 1.3.6.1.4.1.8072.2.3.2.1 i 123456
You should see messages in the Kiwi Syslog Server window.
If you are unable to receive syslog message, you may want to use Wireshark on Windows 10 to capture the packets from your client IP.
 
No comments:
Post a Comment