Testing Syslog from the command line

Posted on February 15, 2024 by brian.wuchner

From time to time it is helpful to be able to send a syslog message to confirm that things are working correctly — firewall ports are open, nothing is filtering out the traffic in line, including a timestamp in the message body to show times are being received correctly, etc. I recently saw a post on Twitter showing a way to send a syslog message from the command line (https://twitter.com/nickrusso42518/status/1756711901088698584). The tweet showed the following syntax:

echo "<14>Test UDP syslog message" >> /dev/udp/10.0.0.1/514

Unfortunately, when I tested this on an ESXi host I found the /dev/udp target is not present. However, knowing sending the message like this was possible, I remembered that ESXi hosts do provide netcat (nc) and I wanted to see if using the same type of syntax with that command would work. A quick search and I found an example that did exactly what I wanted:

echo '<14>bwuchner-test-syslog sent at 2024-02-15 9:38:05 EST' | nc -v -u -w 0 192.168.45.80 514

The above worked great, even from an ESXi host. To round out my notes, I wanted to try and find a similar way of doing this from Windows boxes as well. My go-to shell of choice on Windows is PowerShell, since it comes out of the box on all supported Windows versions. A quick search and I found a function that did exactly what I was hoping: https://gist.github.com/PeteGoo/21a5ab7636786670e47c. I’ll include the function below, for reference, along with the syntax to use it to send a syslog message.

function Send-UdpDatagram
{
      Param ([string] $EndPoint, 
      [int] $Port, 
      [string] $Message)

      $IP = [System.Net.Dns]::GetHostAddresses($EndPoint) 
      $Address = [System.Net.IPAddress]::Parse($IP) 
      $EndPoints = New-Object System.Net.IPEndPoint($Address, $Port) 
      $Socket = New-Object System.Net.Sockets.UDPClient 
      $EncodedText = [Text.Encoding]::ASCII.GetBytes($Message) 
      $SendMessage = $Socket.Send($EncodedText, $EncodedText.Length, $EndPoints) 
      $Socket.Close() 
} 

Send-UdpDatagram -EndPoint 192.168.45.80 -Port 514 -Message '<14>bwuchner-test-syslog from powershell 2024-02-15 9:41:52 EST'

I was able to confirm each of these methods worked to send a test syslog message to Aria Operations for Logs (formerly known as vRealize Log Insight).

This entry was posted in Scripting. Bookmark the permalink.

One Response to Testing Syslog from the command line

  1. Dave says:
    April 16, 2026 at 11:34 am

    Fantastic, was looking for an easy way to test a syslog receiver from Powershell and this worked immediately. Thank you!

Leave a Reply

Your email address will not be published. Required fields are marked *