Log messages on Rsyslog server do not strictly follow RFC-5424 format - syslog

I am trying to log messages into a Linux server which has Rsyslog installed on it.
Here is one of the sample messages:
Feb 20 11:31:46 localhost - <46>1 2020-02-20T11:31:46+00:00 localhost [meta sequenceId="3"] -- MARK --#012
The part in bold is not part of RFC-5424 format
The Rsyslog agent seems to be adding this. How do I get rid of this? And read only the remaining part?

I too find rsyslog confusing. I want to configure rsyslog strictly for RFC 5424, but can't seem to find how.
Also, when I send a syslog to it over TCP, I don't see part at all; the messages logged simply start with the timestamp.
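A way to check a logged line against the RFC 5424 header layout, as an added example that is not part of the original posts: it splits off the leading traditional-format text seen in the question's sample and reports the first field that violates the grammar. The function names, the prefix pattern (modelled on the sample line) and the `CONSTRUCTED` line are assumptions made for this sketch.

```python
import re

# RFC 5424: <PRI>VERSION SP TIMESTAMP SP HOSTNAME SP APP-NAME SP PROCID SP MSGID SP SD [SP MSG]
HEADER_FIELDS = ("timestamp", "hostname", "app_name", "procid", "msgid")
PRI_VERSION = re.compile(r"<(\d{1,3})>([1-9]\d?) ")
TIMESTAMP = re.compile(r"-|\d{4}-\d\d-\d\dT\d\d:\d\d:\d\d(\.\d{1,6})?(Z|[+-]\d\d:\d\d)")
# One structured-data element: [id name="value" ...]; '"', '\' and ']' are escaped in values.
SD_ELEMENT = re.compile(r'\[[^\s=\]"]+(?: [^\s=\]"]+="(?:\\.|[^"\\\]])*")*\]')
# Assumption: the extra leading text looks like the page's sample, "Mmm dd hh:mm:ss host tag ".
LEGACY_PREFIX = re.compile(r"[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d \S+ \S+ (?=<\d{1,3}>)")

def split_prefix(line):
    """Return (prefix, rest), where prefix is the non-RFC-5424 text before <PRI>."""
    m = LEGACY_PREFIX.match(line)
    return (m.group(0), line[m.end():]) if m else ("", line)

def parse_rfc5424(msg):
    """Parse a strict RFC 5424 message into a dict; raise ValueError on the first violation."""
    m = PRI_VERSION.match(msg)
    if not m or int(m.group(1)) > 191:
        raise ValueError("missing or invalid <PRI>VERSION")
    pri = int(m.group(1))
    parts = msg[m.end():].split(" ", 5)
    if len(parts) < 6:
        raise ValueError("header is truncated")
    out = {"facility": pri >> 3, "severity": pri & 7, "version": int(m.group(2))}
    for name, value in zip(HEADER_FIELDS, parts):
        if value.startswith("["):
            raise ValueError(f"{name} is missing: structured data found in its place")
        out[name] = None if value == "-" else value   # "-" is the NILVALUE
    if not TIMESTAMP.fullmatch(parts[0]):
        raise ValueError("timestamp is not RFC 3339")
    tail, pos = parts[5], 0
    if tail.startswith("-"):                          # NILVALUE: no structured data
        pos = 1
    else:
        while (sd := SD_ELEMENT.match(tail, pos)):    # one or more [..] elements
            pos = sd.end()
        if pos == 0:
            raise ValueError("structured data is missing or malformed")
    if pos < len(tail) and tail[pos] != " ":
        raise ValueError("expected a space before MSG")
    out["structured_data"], out["msg"] = tail[:pos], tail[pos + 1:]
    return out

# The sample line from the question, and a constructed line with every header field present.
PAGE_SAMPLE = 'Feb 20 11:31:46 localhost - <46>1 2020-02-20T11:31:46+00:00 localhost [meta sequenceId="3"] -- MARK --#012'
CONSTRUCTED = '<46>1 2020-02-20T11:31:46+00:00 localhost rsyslogd - - [meta sequenceId="3"] -- MARK --'
```

Run against the sample as it appears on this page, the part after the prefix fails at APP-NAME, because the structured data follows the hostname directly.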

Related

Sending HTTP request

I am trying to upload data from an Arduino to data.sparkfun.com, but somehow it always fails. To make sure that the HTTP request I am sending is correct, I would like to send it from a computer to the server and see if it uploads the correct values.
According to some examples, the request should be formulated like this:
GET /input/publicKey?private_key=privateKey&dht1_t=24.23&dht1_h=42.4&dht2_t=24.48&dht2_h=41.5&bmp_t=23.3&bmp_p=984021 HTTP/1.1\n
Host: 54.86.132.254\n
Connection: close\n
\n
How do I send this request to the server from my computer? Do I just type in the terminal? I'm not sure where to start.
Have a look at curl which should be able to handle your needs.
Even easier and more low level is netcat (here is an example on SO)

collectd not sharing information to graphite for all data

I have a strange one.
A number of data items are being collected by collectd and appear correctly with
collectdctl -s /var/run/collectdctl listval|getval and so forth.
These are then rendered into graphite effectively for most items.
Recently, the collectd-graphite connection ceased to be operational
for several recently added items. While it appears in collectd and
is queryable via collectdctl, it remains not on the graphite page.
I am asking to find out how you would approach this.
Thanks for any comment.
There are probably a number of ways you can troubleshoot this, but I end up almost always resorting to tcpdump, sigh. First enable debug logging in collectd just to make sure it really doesn't spit out an error message (LogLevel "debug" https://collectd.org/wiki/index.php/Plugin:LogFile although often collectd is compiled with debug logging disabled).
Then run tcpdump on the graphite server using the -s0 -X flags to tcpdump so you get the packet contents. (You can also use a more sophisticated network sniffer that prints the TCP data stream.) Check whether you see the data items that are missing in the packets and whether they look appropriate (see https://collectd.org/wiki/index.php/Plugin:Write_Graphite). Typically this step allows me to quickly determine whether the problem is the sending collectd or the receiving service.

Not receiving events on Asterisk 11 AMI

I'm a veteran of Asterisk 1.4 and am looking to build a new application on Asterisk 11 (which is currently beta, but is planned to be LTS release some time before I need it.)
I can't get Asterisk Manager Interface on 11 to send me any events. (Now, obviously, in production, I need to cut down these AMI rights drastically, but as I'm exploring I've opened the firehose, if you will.)
manager.conf looks like this:
[general]
enabled = yes
port = 5038
bindaddr = 127.0.0.1
[manager]
secret = squirrel
deny = 0.0.0.0/0.0.0.0
permit = 127.0.0.1/255.0.0.0
read = all
write = all
I then use telnet to try to get in and explore the event stream:
$ telnet localhost 5038
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Asterisk Call Manager/1.3
Action: Login
Username: manager
Secret: squirrel
Events: on
Response: Success
Message: Authentication accepted
Event: FullyBooted
Privilege: system,all
Status: Fully Booted
...and there it sits, not moving, no matter what I actually do with the system. I've also tried using the Event manager action with EventMask: on to try to get something out of it; the command is accepted, but nothing changes. It will happily respond to any other actions I send it, though.
Any leads? This sort of thing worked fine under 1.4, and I'm not finding anything in any documentation suggesting I'm doing something wrong. I suppose the next thing to try is 1.8...
(There is little else in /etc/asterisk; I'm using example configs only for reference. This is as minimal as we get...)
It may be a bug in Asterisk / FreePBX. I had the same situation, and my API PHP script didn't receive any events from AMI.
To fix this bug, you must install the "Conferences" module and restart Asterisk from SSH: service asterisk restart
I just tested this with the latest 11 from subversion using your configs. I see events being generated. For example, executing this from the CLI:
*CLI> channel originate Local/Foo application Bar
While invalid, will cause some events to be spit out to the manager interface.

JSch connecting to ftp.secureftp-test.com

So, I used the example on http://www.jcraft.com/jsch/examples/Sftp.java and I was trying to connect to ftp.secureftp-test.com.
That destination is a valid testing SFTP server (as mentioned in secureftp-test dot com/). I confirmed it by connecting to the server through nautilus. I also made sure that the password on my program was correct as well.
But when I run the program and it hits session.connect(), it just says "INFO: Connection established", then it becomes quiet for a minute, then it returns:
"com.jcraft.jsch.JSchException: connection is closed by foreign host"
I am pretty sure that it got stuck in the while loop of the library but I do not know why. I tried it against my local ftp server and it also had the same problem.
During the quiet moment, I can type. But pressing enter does not send anything to the server.
Has anyone heard or seen the same problem?
Okay, it seems that secureftp-test.com is NOT an sftp server. That is an ftps server.
What I did instead was create my own sftp:
http://wiki.vpslink.com/Configuring_vsftpd_for_secure_connections_(TLS/SSL/SFTP)
Then I ran the example code, making sure that I have these lines before doing session.connect:
String knownHostsFilename = "/home/yourname/.ssh/known_hosts";
jsch.setKnownHosts(knownHostsFilename);

How to debug Websockets?

I want to monitor the websocket traffic (like to see what version of the protocol the client/server is using) for debugging purposes. How would I go about doing this? Wireshark seems too low level for such a task. Suggestions?
Wireshark sounds like what you want actually. There is very little framing or structure to WebSockets after the handshake (so you want low-level) and even if there was, wireshark would soon (or already) have the ability to parse it and show you the structure.
Personally, I often capture with tcpdump and then parse the data later using wireshark. This is especially nice when you may not be able to run wireshark on the device where you want to capture the data (i.e. a headless server). For example:
sudo tcpdump -w /tmp/capture_data -s 8192 port 8000
Alternately, if you have control over the WebSockets server (or proxy) you could always print out the send and receive data. Note that since websocket frames start with '\x00', you will want to avoid printing that, since in many languages '\x00' means the end of the string.
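For reading a capture like the one above offline, here is an added example (not part of the original answers) that pulls the advertised protocol version out of a captured client handshake and decodes the first frame, unmasking it where needed. It goes beyond the answer by covering RFC 6455 masked frames as well as the '\x00'-delimited framing it mentions; the function names, the constructed handshake and the rule that a handshake without a version header means the older framing are assumptions.

```python
OPCODES = {0x0: "continuation", 0x1: "text", 0x2: "binary", 0x8: "close", 0x9: "ping", 0xA: "pong"}

def handshake_version(request):
    """Return the Sec-WebSocket-Version a captured client handshake advertises."""
    head = request.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    headers = {}
    for line in head.split("\r\n")[1:]:           # skip the request line
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    if headers.get("upgrade", "").lower() != "websocket":
        raise ValueError("not a WebSocket handshake")
    # Assumption: no version header means the older 0x00 ... 0xFF text framing.
    return headers.get("sec-websocket-version", "legacy")

def decode_frame(data, version):
    """Decode the first frame of a captured stream; unmask the payload if it is masked."""
    if version == "legacy":
        if data[:1] != b"\x00" or b"\xff" not in data:
            raise ValueError("not a complete legacy text frame")
        return {"opcode": "text", "fin": True, "masked": False,
                "payload": data[1:data.index(b"\xff")]}
    if len(data) < 2:
        raise ValueError("truncated frame")
    fin, opcode = bool(data[0] & 0x80), data[0] & 0x0F
    masked, length = bool(data[1] & 0x80), data[1] & 0x7F
    pos = 2
    if length in (126, 127):                      # 16-bit or 64-bit extended length
        size = 2 if length == 126 else 8
        if len(data) < pos + size:
            raise ValueError("truncated frame")
        length = int.from_bytes(data[pos:pos + size], "big")
        pos += size
    key = data[pos:pos + 4] if masked else b""
    pos += len(key)
    payload = data[pos:pos + length]
    if len(payload) != length or (masked and len(key) != 4):
        raise ValueError("truncated frame")
    if masked:                                    # RFC 6455: client frames are XORed with a 4-byte key
        payload = bytes(b ^ key[i % 4] for i, b in enumerate(payload))
    return {"opcode": OPCODES.get(opcode, hex(opcode)), "fin": fin,
            "masked": masked, "payload": payload}

# Constructed capture: a client handshake, then the masked "Hello" frame from RFC 6455 section 5.7.
HANDSHAKE = (b"GET /chat HTTP/1.1\r\nHost: localhost:8000\r\nUpgrade: websocket\r\n"
             b"Connection: Upgrade\r\nSec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ==\r\n"
             b"Sec-WebSocket-Version: 13\r\n\r\n")
MASKED_HELLO = bytes.fromhex("818537fa213d7f9f4d5158")
```

Printing payloads with `repr()` rather than as raw strings keeps NUL and other control bytes visible in the output.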
If you're looking for the actual data sent and received, the recent Chrome Canary and Chromium now have a WebSocket message frame inspection feature.
You find details in this thread.
I think you should use Wireshark
Steps:
1. Open Wireshark.
2. Go to Capture and follow the path below: Capture > Interfaces > start capture on your appropriate device.
3. Write the rule in the filter: tcp.dstport == your_websocket_port
4. Hit Apply.
For a simple thing, Wireshark is too complex; I only wanted to check whether the connection can be established or not. The following Chrome plugin, "Simple Web-socket" (link: https://chrome.google.com/webstore/detail/simple-websocket-client/pfdhoblngboilpfeibdedpjgfnlcodoo?hl=en), works like a charm. See image.
https://lh3.googleusercontent.com/bEHoKg3ijfjaE8-RWTONDBZolc3tP2mLbyWanolCfLmpTHUyYPMSD5I4hKBfi81D2hVpVH_BfQ=w640-h400-e365
