There must be an easy way to fire a single message over UDP to a splunk forwarder/server. "logger" nearly does it. I want to do something like this:
testlogger -h host -p port "message to log in Splunk"
Let me specify- Unix commandline. I suppose I could write a few lines of code, but am I the first person to want this?
You can use netcat for this purpose:
echo "message to log in Splunk" | nc -u -q 0 <HOST> <PORT>
Example:
echo "message to log in Splunk" | nc -u -q 0 localhost 514
(This works on Linux)
On a Mac, you have to use the -w option instead of -q
echo "message to log in Splunk" | nc -u -w 0 splunkhost.mydomain.com 514
Maybe the netcat command is different on other *nix systems as well.
You can use netcat for this purpose:
echo "message to log in Splunk" | nc -u -q 0 <HOST> <PORT>
Example:
echo "message to log in Splunk" | nc -u -q 0 localhost 514
(This works on Linux)
On a Mac, you have to use the -w option instead of -q
echo "message to log in Splunk" | nc -u -w 0 splunkhost.mydomain.com 514
Maybe the netcat command is different on other *nix systems as well.
thanks! That's exactly what I was looking for.