
I want to set up a local Syslog server using Java code.

I have a Mac machine and another virtual Linux machine.

I found the Java code below and I ran it on my Mac machine, and the Syslog server is established properly.

I sent the Linux command below from my Mac and it worked; the Syslog server got the message.

Now I want to send the same syslog message from another Linux machine, which is not in my Mac's network, and have it received by my Syslog server.

How can I do that? Should I change something in the Java code? Maybe something related to the config.setHost() method? Should I somehow add a route to my Mac or to the other Linux machine?

The Linux command:

```bash
nc 10.10.1.1 9899 <<< "syslog message."
```

The Java code:

```java
import java.net.InetAddress;
import java.net.UnknownHostException;

import com.mprv.sysmoduleinfra.mgmt.syslog.TCPSyslogServerConfig;
import com.mprv.sysmoduleinfra.mgmt.syslog.UDPSyslogServerConfig;
import org.productivity.java.syslog4j.SyslogRuntimeException;
import org.productivity.java.syslog4j.server.SyslogServer;
import org.productivity.java.syslog4j.server.SyslogServerConfigIF;

/**
 * Syslog server.
 *
 * @author Josef Cacek
 */
public class Server {

    public static final int SYSLOG_PORT = 9899;

    public static void main(String[] args) throws SyslogRuntimeException, UnknownHostException {

        // Details for the properties -
        // http://docs.oracle.com/javase/7/docs/technotes/guides/security/jsse/JSSERefGuide.html
        // These JSSE properties relax TLS behaviour (SNI off, unsafe renegotiation and
        // legacy hello messages allowed); the plain TCP/UDP listeners below do not use TLS.
        System.setProperty("jsse.enableSNIExtension", "false");
        // just in case...
        System.setProperty("sun.security.ssl.allowUnsafeRenegotiation", "true");
        System.setProperty("sun.security.ssl.allowLegacyHelloMessages", "true");

        // clear created server instances (TCP/UDP)
        SyslogServer.shutdown();

        // protocol is fixed to TCP here; command-line arguments are not read
        String syslogProtocol = "tcp";
        System.out.println("Simple syslog server (RFC-5424)");
        System.out.println("Usage:");
        System.out.println("  java -jar simple-syslog-server.jar [protocol]");
        System.out.println();
        System.out.println("Possible protocols: udp, tcp, tls");
        System.out.println();

        SyslogServerConfigIF config = getSyslogConfig(syslogProtocol);
        if (config == null) {
            System.err.println("Unsupported Syslog protocol: " + syslogProtocol);
            System.exit(1);
        }

        config.setUseStructuredData(true);
        // Loopback-only alternative (not reachable from other hosts):
//      config.setHost(InetAddress.getByName(null).getHostAddress());
        // 0.0.0.0 binds the listener to every local interface
        config.setHost("0.0.0.0");
        config.setPort(SYSLOG_PORT);

        System.out.println("Starting Simple Syslog Server");
        System.out.println("Protocol:     " + syslogProtocol);
        System.out.println("Bind address: " + config.getHost());
        System.out.println("Port:         " + config.getPort());

        // start syslog server
        SyslogServer.createThreadedInstance(syslogProtocol, config);
    }

    // Returns the server config for "udp" or "tcp"; null for any other protocol name.
    private static SyslogServerConfigIF getSyslogConfig(String syslogProtocol) {
        SyslogServerConfigIF config = null;
        if ("udp".equals(syslogProtocol)) {
            config = new UDPSyslogServerConfig();
        } else if ("tcp".equals(syslogProtocol)) {
            config = new TCPSyslogServerConfig();
        }
        return config;
    }

}
```
Tal Levi
  • In your code you configured port 9899, but tried to connect to port 9898 :) – GuBo Apr 23 '20 at 16:31
  • The port was inconsistent in the question, but I did use the right port and still no success :( I'm starting to think that maybe my Mac blocks it – Tal Levi Apr 23 '20 at 20:31
  • Another problem would be this command `nc 10.10.1.1 9899 <<< "syslog message."` because you send a non-syslog protocol message. A syslog protocol message looks like this: `timestamp hostname application: message`, i.e.: `<133>apr 25 08:58:28 app-server my-app: syslog message.` It is possible the Java code will drop the received message if it doesn't meet the protocol requirements. That would be a reason why you cannot see anything. – GuBo Apr 25 '20 at 07:05
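
The message layout described in GuBo's comment above, as an added example that is not part of the original thread: a POSIX shell helper that computes the PRI value (facility × 8 + severity), formats a BSD-style (RFC 3164) syslog line, and checks whether a given line has that shape. The function names and the facility subset are assumptions made for this example.

```shell
#!/bin/sh
# Constructed example: build and check a BSD-style (RFC 3164) syslog line.

facility_code() {   # facility name -> numeric code (subset of the standard table)
  case "$1" in
    kern) echo 0 ;; user) echo 1 ;; daemon) echo 3 ;; auth) echo 4 ;;
    local0) echo 16 ;; local1) echo 17 ;; local7) echo 23 ;;
    *) return 1 ;;
  esac
}

severity_code() {   # severity name -> numeric code
  case "$1" in
    emerg) echo 0 ;; alert) echo 1 ;; crit) echo 2 ;; err) echo 3 ;;
    warning) echo 4 ;; notice) echo 5 ;; info) echo 6 ;; debug) echo 7 ;;
    *) return 1 ;;
  esac
}

# PRI = facility * 8 + severity, e.g. local0.notice -> 16 * 8 + 5 = 133
syslog_pri() {
  _f=$(facility_code "$1") || return 1
  _s=$(severity_code "$2") || return 1
  echo $(( $_f * 8 + $_s ))
}

# syslog_line FACILITY SEVERITY HOST TAG MESSAGE [TIMESTAMP]
# TIMESTAMP defaults to now in "Mmm dd hh:mm:ss" form (day space-padded).
syslog_line() {
  _pri=$(syslog_pri "$1" "$2") || return 1
  _ts=${6:-$(LC_ALL=C date '+%b %e %H:%M:%S')}
  printf '<%s>%s %s %s: %s\n' "$_pri" "$_ts" "$3" "$4" "$5"
}

# Succeeds only if the line has the "<PRI>timestamp host tag: message" shape
# and PRI is within 0..191 (highest facility 23, highest severity 7).
looks_like_syslog() {
  printf '%s\n' "$1" | grep -Eq \
    '^<[0-9]{1,3}>[A-Za-z]{3} [ 0-9][0-9] [0-9]{2}:[0-9]{2}:[0-9]{2} [^ ]+ [^ :]+: ' \
    || return 1
  _p=$(printf '%s\n' "$1" | sed 's/^<\([0-9]*\)>.*/\1/')
  [ "$_p" -le 191 ]
}

# Print one line; pipe it into the nc command from the question to send it:
#   syslog_line local0 notice app-server my-app "syslog message." | nc 10.10.1.1 9899
syslog_line local0 notice app-server my-app "syslog message."
```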
