
Capturing Syslog


I am new to Wireshark. Sorry for the ignorance. How do I capture security logs in Wireshark?

VijaySeshadri
asked 2023-04-30 12:59:45 +0000


1 Answer


The default port for syslog traffic is udp/514, so if you're looking for a capture filter, it'd be udp dst port 514 and if you're looking for a Wireshark display filter, it'd be udp.dstport eq 514.

cmaynard
answered 2023-05-02 13:16:18 +0000
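
Added example (not part of the answer above): once datagrams to udp/514 have been captured, the security-related messages can be picked out by decoding the syslog PRI field, where PRI = facility * 8 + severity. The function names and the sample payloads are constructed for illustration, and the code assumes the UDP payloads have already been extracted from the capture.

```python
import re

# PRI is "<N>" at the very start of the datagram, N = facility * 8 + severity
# (RFC 3164 / RFC 5424); N is 1-3 digits and at most 191.
PRI_RE = re.compile(rb"^<(\d{1,3})>")

# Facility codes that RFC 5424 lists as security/authorization or audit.
SECURITY_FACILITIES = {4: "auth", 10: "authpriv", 13: "audit"}

SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]


def parse_pri(payload):
    """Return (facility, severity) from a syslog datagram, or None if malformed."""
    m = PRI_RE.match(payload)
    if not m:
        return None
    pri = int(m.group(1))
    if pri > 191:  # facility would exceed 23, so this is not a valid PRI
        return None
    return divmod(pri, 8)


def security_messages(payloads):
    """Keep only datagrams whose facility is security-related."""
    hits = []
    for payload in payloads:
        parsed = parse_pri(payload)
        if parsed is None:
            continue  # not syslog, or a malformed header
        facility, severity = parsed
        if facility in SECURITY_FACILITIES:
            text = payload[payload.index(b">") + 1:].decode("utf-8", "replace")
            hits.append((SECURITY_FACILITIES[facility], SEVERITIES[severity], text))
    return hits


# Constructed sample payloads, as they would appear in UDP datagrams to port 514.
SAMPLE_PAYLOADS = [
    b"<34>Oct 11 22:14:15 host1 su: 'su root' failed for user1 on /dev/pts/8",
    b"<13>Oct 11 22:14:16 host1 cron[311]: job started",
    b"<86>Oct 11 22:14:17 host1 sshd[402]: Accepted publickey for user2",
    b"<999>not a valid PRI",
    b"no PRI at all",
]

if __name__ == "__main__":
    for facility, severity, text in security_messages(SAMPLE_PAYLOADS):
        print(f"{facility}.{severity}: {text}")
```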
