Testing syslog

Created Sat May, 25 2019 at 09:33PM

simulate kernel message

# ubuntu
sudo su root -c 'echo foo test test > /dev/kmsg'
# BSD
logger -p kern.crit MESSAGE

# network syslog traffic via Netcat
# Send each line of file.log towards syslog server 127.0.0.1 on port 514
nc -q0 127.0.0.1 514 < file.log
# Send a simple string that will generate a single log entry:

echo "message" | nc -q0 127.0.0.1 514
# -q0 makes nc exit after sending:
# -q seconds after EOF on stdin, wait the specified number of seconds and then quit.

Below are two python syslog clients to use to test sending messages

syslogger.py

#!/usr/bin/env python3
import logging.config
import ssl
import sys

syslog_host = '127.0.0.1'
syslog_port = 5515

logging.config.dictConfig({
    'version': 1,
    'formatters': {
        'simple': {
            'format': '%(asctime)s syslogger %(name)s: %(levelname)s %(message)s',
            'datefmt': '%Y-%m-%dT%H:%M:%S',
        },
    },
    'handlers': {
        'syslog': {
            'level': 'INFO',
            'class': 'logging.handlers.SysLogHandler',
            'formatter': 'simple',
            'address': (syslog_host, syslog_port),
        },
    },
    'root': {
        'handlers': ['syslog'],
        'level': 'INFO',
    }
})
print('sending syslog host:[{}] UDP port[{}]'.format(syslog_host, syslog_port))
logger = logging.getLogger('testlogger')
try:
    msg = sys.argv[1]
except:
    msg = 'hello dipshit'
logger.info(msg)

and if you need to test TLS syslogging use the following. Note you'll need to pip install tls-syslog

#!/usr/bin/env python3
# requires pip install tls-syslog
import logging.config
import ssl
import sys

syslog_host = '127.0.0.1'
syslog_port = 6514
syslog_cert_path = '/path/to/syslog.pem'

logging.config.dictConfig({
    'version': 1,
    'formatters': {
        'simple': {
            'format': '%(asctime)s Jaime %(name)s: %(levelname)s %(message)s',
            'datefmt': '%Y-%m-%dT%H:%M:%S',
        },
    },
    'handlers': {
        'syslog': {
            'level': 'INFO',
            'class': 'tlssyslog.handlers.TLSSysLogHandler',
            'formatter': 'simple',
            'address': (syslog_host, syslog_port),
            'ssl_kwargs': {
                'cert_reqs': ssl.CERT_REQUIRED,
                'ssl_version': ssl.PROTOCOL_TLS,
                'ca_certs': syslog_cert_path,
            },
        },
    },
    'root': {
        'handlers': ['syslog'],
        'level': 'INFO',
    }
})
print('sending syslog host:[{}] TCP port[{}]'.format(syslog_host, syslog_port))

logger = logging.getLogger('testlogger')
try:
    msg = sys.argv[1]
except:
    msg = 'It is so damn hot. Milk was a bad choice.'
logger.info(msg)