Solved: commandline method to test Splunk over UDP?

tedder · ‎09-28-2010

There must be an easy way to fire a single message over UDP to a splunk forwarder/server. "logger" nearly does it. I want to do something like this:

testlogger -h host -p port "message to log in Splunk"

Let me specify- Unix commandline. I suppose I could write a few lines of code, but am I the first person to want this?

ziegfried · ‎09-28-2010

You can use netcat for this purpose:

echo "message to log in Splunk" | nc -u -q 0 <HOST> <PORT>

Example:

echo "message to log in Splunk" | nc -u -q 0 localhost 514

(This works on Linux)

On a Mac, you have to use the -w option instead of -q

echo "message to log in Splunk" | nc -u -w 0 splunkhost.mydomain.com 514

Maybe the netcat command is different on other *nix systems as well.

ziegfried · ‎09-28-2010

You can use netcat for this purpose:

echo "message to log in Splunk" | nc -u -q 0 <HOST> <PORT>

Example:

echo "message to log in Splunk" | nc -u -q 0 localhost 514

(This works on Linux)

On a Mac, you have to use the -w option instead of -q

echo "message to log in Splunk" | nc -u -w 0 splunkhost.mydomain.com 514

Maybe the netcat command is different on other *nix systems as well.

tedder · ‎09-28-2010

thanks! That's exactly what I was looking for.

commandline method to test Splunk over UDP?