
Set Up Ethereal to Capture Syslog Messages

Created by Interspire Import, last modified by MindTouch on Jun 23, 2016


Issue: 

Kiwi Syslog Daemon is not receiving and displaying messages.
 

Cause:


There are several reasons why this problem occurs. 

then you can use a packet capture program such as Ethereal, http://www.ethereal.com.

 

Note: This fix requires a third-party application, which may change or be updated in the future.

Resolution:

  1. Download and install the program from http://www.ethereal.com
  2. Use the Capture menu to open the Capture Options form.
  3. Select your NIC and define a capture filter that will look for all packets sent to UDP port 514 (the default syslog port).
  4. Press the Start button and you should see packets being captured, as in the image below.
  5. Stop the capture and view the data. It should show packets whose protocol is listed as Syslog.

This program provides the ability to capture packets as they are sent to your Network Interface Card (NIC). By filtering for and analyzing this traffic, you will be able to determine if your network devices are actually sending the expected information to your system.
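The check described above can also be scripted against a saved capture. The following is an added example, not part of the original article or of any SolarWinds tooling: it reads a capture taken with a filter such as `udp port 514` and counts, per source address, the datagrams that reached the syslog port and whether they carry a valid syslog priority field. It assumes the capture was saved in classic libpcap format with an Ethernet link type; the function names, addresses and sample packets are constructed for illustration.

```python
import re
import socket
import struct
from collections import Counter

def syslog_senders(pcap, port=514):
    """Count datagrams sent to UDP `port` by (source IP, facility, severity)."""
    endian = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if (endian is None or len(pcap) < 24
            or struct.unpack(endian + "I", pcap[20:24])[0] != 1):
        raise ValueError("expected a classic pcap file with Ethernet link type")
    seen, off = Counter(), 24
    while off + 16 <= len(pcap):
        incl_len = struct.unpack(endian + "I", pcap[off + 8:off + 12])[0]
        frame = pcap[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 17:
            continue  # keep only IPv4 carrying UDP
        udp = frame[14 + (frame[14] & 0x0F) * 4:]
        if len(udp) < 8 or struct.unpack("!H", udp[2:4])[0] != port:
            continue  # keep only datagrams sent to the syslog port
        src = socket.inet_ntoa(frame[26:30])
        m = re.match(rb"<(\d{1,3})>", udp[8:])
        if m and int(m.group(1)) <= 191:
            # PRI = facility * 8 + severity
            seen[(src, *divmod(int(m.group(1)), 8))] += 1
        else:
            seen[(src, None, None)] += 1  # hit the port but is not syslog
    return seen

def _frame(src, dport, payload):
    """Constructed Ethernet/IPv4/UDP frame in a pcap record (checksums left 0)."""
    udp = struct.pack("!HHHH", 40000, dport, 8 + len(payload), 0) + payload
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                     socket.inet_aton(src), socket.inet_aton("192.0.2.10"))
    eth = b"\x02" * 12 + b"\x08\x00" + ip + udp
    return struct.pack("<IIII", 0, 0, len(eth), len(eth)) + eth

# Constructed sample capture: two syslog senders' worth of traffic plus noise.
SAMPLE_PCAP = (struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
               + _frame("192.0.2.1", 514, b"<34>Oct 11 22:14:15 fw1 su: test")
               + _frame("192.0.2.1", 514, b"<34>Oct 11 22:14:16 fw1 su: test")
               + _frame("192.0.2.2", 514, b"not syslog")
               + _frame("192.0.2.3", 53, b"<13>wrong port"))

if __name__ == "__main__":
    for key, count in syslog_senders(SAMPLE_PCAP).items():
        print(key, count)
```

A device that is missing from the result never reached the NIC on UDP port 514, which points to the device configuration or the network path rather than to the syslog server.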
Last modified
19:50, 22 Jun 2016
