Capturing Syslog
I am new to Wireshark. Sorry for the ignorance. How to capture security logs in Wireshark?
The default port for syslog traffic is udp/514, so if you're looking for a capture filter, it'd be udp dst port 514, and if you're looking for a Wireshark display filter, it'd be udp.dstport eq 514.
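The same selection applied offline to a saved capture, as an added example that is not part of the original post: it keeps only UDP datagrams sent to port 514 and splits the syslog PRI value into facility and severity. The function names and sample messages are constructed for illustration, and the code assumes a classic pcap file with untagged Ethernet/IPv4 frames.

```python
import re
import struct

SYSLOG_PORT = 514  # default syslog port (udp/514), as in the answer above
PRI_RE = re.compile(rb"^<(\d{1,3})>")

def build_sample_pcap(datagrams):
    """Constructed test input: classic pcap of Ethernet/IPv4/UDP frames from (dport, payload) pairs."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # link type 1 = Ethernet
    for i, (dport, payload) in enumerate(datagrams):
        udp = struct.pack("!HHHH", 40000 + i, dport, 8 + len(payload), 0) + payload
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), i, 0, 64, 17, 0,
                         bytes([192, 0, 2, 10]), bytes([192, 0, 2, 1]))
        frame = bytes(12) + b"\x08\x00" + ip + udp  # zeroed MACs, EtherType IPv4
        out += struct.pack("<IIII", i, 0, len(frame), len(frame)) + frame
    return out

def decode_pri(payload):
    """Split a syslog payload into (facility, severity, text); PRI = facility * 8 + severity."""
    text = payload.decode("utf-8", "replace")
    m = PRI_RE.match(payload)
    if not m:
        return (None, None, text)  # no PRI header: traffic on 514 that is not syslog
    pri = int(m.group(1))
    return (pri >> 3, pri & 7, text[m.end():])

def syslog_from_pcap(data, port=SYSLOG_PORT):
    """Same selection as the capture filter `udp dst port 514`, applied to pcap bytes."""
    end = {0xA1B2C3D4: "<", 0xD4C3B2A1: ">"}.get(struct.unpack_from("<I", data, 0)[0])
    if end is None or struct.unpack_from(end + "I", data, 20)[0] != 1:
        raise ValueError("expected a classic pcap file with Ethernet link type")
    found, off = [], 24  # packet records start after the 24-byte global header
    while off + 16 <= len(data):
        incl_len = struct.unpack_from(end + "I", data, off + 8)[0]
        frame = data[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 34 or frame[12:14] != b"\x08\x00" or frame[23] != 17:
            continue  # not IPv4 carrying UDP
        ihl = (frame[14] & 0x0F) * 4
        if struct.unpack_from("!H", frame, 20)[0] & 0x1FFF or len(frame) < 14 + ihl + 8:
            continue  # later IP fragment (no UDP header) or truncated frame
        dport, ulen = struct.unpack_from("!HH", frame, 14 + ihl + 2)
        if dport == port:
            found.append(decode_pri(frame[14 + ihl + 8:14 + ihl + ulen]))
    return found

SAMPLE = build_sample_pcap([  # constructed messages, not from a real capture
    (514, b"<38>Apr 30 12:59:45 host1 sshd[1024]: Failed password for invalid user test"),
    (53, b"\x12\x34not-syslog"),
    (514, b"<86>Apr 30 13:00:01 host1 sudo: pam_unix(sudo:session): session opened"),
])
```

Calling `syslog_from_pcap(SAMPLE)` returns the two port-514 messages with facility 4 (auth) and 10 (authpriv), both at severity 6, and skips the datagram sent to port 53.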
Asked: 2023-04-30 12:59:45 +0000
Seen: 1,886 times
Last updated: May 02 '23