Use ngrep to capture syslog traffic

Instead of using Wireshark to capture traffic on Linux, try ngrep:

# sudo ngrep -d <interface> '<search string>' 'port 514'

source:
http://ngrep.sourceforge.net/usage.html
