Lost syslog packets

I wrote a program that listens on UDP port 514 for syslog messages and writes any incoming packets to a log file. On one of the servers where this program is deployed, it has suddenly stopped writing to the log file. It is working fine on all other se开发者_高级运维rvers.

Steps I have taken to diagnose the problem.

1) Wrote a udp packet sender (A) that sends data on udp 514 to that server. The program receives those packets and writes them to file just fine.

2) Ran tcpdump to see if the rig (B) that is supposed to send data to that server was in fact doing so. It was.

3) Ran (A) while tcpdump was running to see if the destination IP address and port were the same as the packets from (B). They were.

4) Stopped the program and wrote a listener that just prints anything received on udp 514 to screen. The listener printed only packets from (A).

Are there any network experts around who can think of other diagnostic tests I can perform to find out what's wrong?

If it stopped writing the log file possibly your code is buggy. If the udp listener does not read data from the socket, the transfer will still be shown by the network sniffer tool. Use a debugger to find out what your program is doing.