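syslog: syslog is a client-server protocol. Messages are usually sent to syslogd, a syslog daemon, or a syslog server, and the protocol is commonly used for information system management and security auditing. It uses UDP as its transport-layer protocol, and the default is UDP port 514.
Introduction and reference: https://www.jiankongyi.com/q/?/article/159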
1. Write the following Python code

```python
#!/usr/bin/python2
# coding=utf-8
import socket
import logging
from logging.handlers import SysLogHandler


def send(msg):
    # Target syslog server; 514/udp is the syslog default
    server = '127.0.0.1'
    port = '514'
    protocol = 'udp'

    # UDP by default; switch to a stream socket when protocol is 'tcp'
    data_stream = socket.SOCK_DGRAM
    if protocol == 'tcp':
        data_stream = socket.SOCK_STREAM

    # Message layout: timestamp, hostname, level, message
    formatter = logging.Formatter(
        '%(asctime)s ' + socket.gethostname() + ' %(levelname)s %(message)s',
        '%b %d %H:%M:%S')
    logger = logging.getLogger('cnlogger')
    syslog = SysLogHandler(address=(server, int(port)), socktype=data_stream)
    syslog.setFormatter(formatter)
    logger.addHandler(syslog)
    logger.setLevel('INFO')
    try:
        # logger.info(msg.decode('utf-8', 'ignore').encode('gb2312'))
        logger.info(msg)
    except Exception as e:
        print(e)
    finally:
        # Detach and close the handler so repeated calls do not duplicate output
        logger.removeHandler(syslog)
        syslog.close()


if __name__ == '__main__':
    send('hello world.')
```
2. Use Wireshark or the 3CDaemon tool as the syslog server to capture the message that was sent.
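
As an alternative check for step 2, the following added example (not code from the original page) binds a local UDP receiver, sends one record through `SysLogHandler`, and decodes the `<PRI>` prefix that the handler puts on the wire. The names `parse_syslog`, `capture_one` and the logger name `cnlogger-demo` are assumptions made for this illustration, and an ephemeral port replaces 514 so that no elevated privileges are needed.

```python
import logging
import re
import socket
from logging.handlers import SysLogHandler

# "<PRI>" prefix followed by the rest of the message; PRI = facility * 8 + severity
PRI_RE = re.compile(r'^<(\d{1,3})>(.*)$', re.S)


def parse_syslog(datagram):
    """Split a BSD-syslog datagram into (facility, severity, text)."""
    # SysLogHandler may append a NUL terminator; strip it and any newline
    text = datagram.decode('utf-8', 'replace').rstrip('\x00\n')
    m = PRI_RE.match(text)
    if not m or int(m.group(1)) > 191:   # 23 * 8 + 7 is the largest valid PRI
        raise ValueError('missing or invalid PRI')
    pri = int(m.group(1))
    return pri >> 3, pri & 7, m.group(2)


def capture_one(msg='hello world.', timeout=2.0):
    """Send msg via SysLogHandler to a local receiver and return the parsed datagram."""
    rx = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    rx.bind(('127.0.0.1', 0))            # ephemeral port (assumption), not 514
    rx.settimeout(timeout)
    port = rx.getsockname()[1]

    logger = logging.getLogger('cnlogger-demo')   # hypothetical logger name
    logger.propagate = False
    handler = SysLogHandler(address=('127.0.0.1', port), socktype=socket.SOCK_DGRAM)
    handler.setFormatter(logging.Formatter('%(levelname)s %(message)s'))
    logger.addHandler(handler)
    logger.setLevel(logging.INFO)
    try:
        logger.info(msg)
        data, _peer = rx.recvfrom(4096)
    finally:
        logger.removeHandler(handler)
        handler.close()
        rx.close()
    return parse_syslog(data)


if __name__ == '__main__':
    facility, severity, text = capture_one()
    print('facility=%d severity=%d text=%r' % (facility, severity, text))
```

UDP syslog carries no authentication, so a receiver should treat the PRI value and the message text as untrusted input, which is why `parse_syslog` rejects datagrams without a valid prefix.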