If you are having issues with Kiwi Syslog Daemon not receiving and displaying messages, then you can use a free packet capture program such as Wireshark, Wireshark · Go Deep.


This program provides the ability to capture packets as they are sent to your Network Interface Card (NIC). By filtering for and analyzing this traffic, you will be able to determine if your network devices are actually sending the expected information to your system

To set up Ethereal:

  1. Download and install the program from Wireshark · Go Deep.
  2. Use the Capture menu to open the Capture Options form.
  3. Select your NIC and define a capture filter that will look for all packets sent to UDP port 514 (the default syslog port).
  4. Press the Start button and you should see packets being as in the image below.
  5. Stop the capture and view the data. It should show packets with the protocol being Syslog.


By mirroring a port on your Ethernet switch, Wireshark will show you everything! You can then use Kiwi SyslogGen (Freeware)  to replay syslog messages from a Wireshark file.

