Syslog forward

Got a good idea? You can suggest new features here.

Syslog forward

Postby kamsvag » Tue Jun 13, 2017 1:00 pm

I would like a feature where anything that ends up in the log is also forwarded to an external syslogServer making it easier to keep of-site logg of the activities in the house as I use eventGhost in my home alarm system.
kamsvag
 
Posts: 8
Joined: Mon Aug 24, 2015 10:48 am

Re: Syslog forward

Postby kgschlosser » Sat Jun 24, 2017 5:00 am

There is a way to have the event log published as a web page using the webserver plugin.

or you can use this plugin to send text messages to your cell phone when specific events take place

viewtopic.php?f=9&t=9660
If you like the work I have been doing then feel free to Image
User avatar
kgschlosser
Site Admin
 
Posts: 2702
Joined: Fri Jun 05, 2015 5:43 am
Location: Rocky Mountains, Colorado USA

Re: Syslog forward

Postby kamsvag » Tue Sep 05, 2017 1:54 pm

Ok, well that's not realy what I'm after.

I would like to have the entire log, in realtime mirrored to a syslog server where I can keep an backup. Simply as a security protocol.
I was for a bief moment considering writing a python-script to do this but I realized quickly I would end up creating a loop as it would show up in the log.

Any ideas?

I use EventGhost 24/7 and consider it a great tool.

Cheers!
kamsvag
 
Posts: 8
Joined: Mon Aug 24, 2015 10:48 am

Re: Syslog forward

Postby kgschlosser » Tue Sep 05, 2017 6:03 pm

you would have to create a thread to do it. and hav the thread loop. you do not want to create a loop in the action thread. the one that is running that handles the running of macros and what have you. this will lock up EG.

I do not know much about the syslog protocol I can take a look tho.
If you like the work I have been doing then feel free to Image
User avatar
kgschlosser
Site Admin
 
Posts: 2702
Joined: Fri Jun 05, 2015 5:43 am
Location: Rocky Mountains, Colorado USA

Re: Syslog forward

Postby Dragon470 » Wed Sep 06, 2017 12:09 pm

There are lots of examples out there that use the PyWin32 wrapper. I use it to monitor a few specific events. Like was said earlier, this needs to be put in a thread. The other issue that I have run into is permissions. In the Windows Logs I can access System and Application, but not Security. I even kept the website address that I used initially in my script. https://www.blog.pythonlibrary.org/2010/07/27/pywin32-getting-windows-event-logs/ To my surprise it still exists. All this does is get the events.
Dragon470
Experienced User
 
Posts: 201
Joined: Thu Feb 10, 2011 2:16 am

Re: Syslog forward

Postby kgschlosser » Wed Sep 06, 2017 3:28 pm

i thought this was for the EG log to be sent out to an external syslog server. I could be mistaken in my assumption. if that is the case then there is no permissions issue. if it is supposed to send out windows event logs then yes there would/could be some permissions hangups
If you like the work I have been doing then feel free to Image
User avatar
kgschlosser
Site Admin
 
Posts: 2702
Joined: Fri Jun 05, 2015 5:43 am
Location: Rocky Mountains, Colorado USA

Re: Syslog forward

Postby topix » Wed Sep 06, 2017 7:42 pm

Hej, here is a first version of a plugin that send log entries to a syslog-server. Everything what will be written to the log window will also be send to the syslog-server. There is no filter for events, programs, whatever. Maybe in later version.

Because this is a first version, there may/will still be bugs. Currently no error checking is done. I've tested it with a syslogd on my Synology NAS.

Just add the plugin and configure it. As long as the plugin is enabled it will send the log messages to the server.
Attachments
Log2Syslog_0_0_1.egplugin
(4.51 KiB) Downloaded 8 times
topix
Experienced User
 
Posts: 350
Joined: Sat May 05, 2007 3:43 pm
Location: Germany

Re: Syslog forward

Postby kgschlosser » Thu Sep 07, 2017 4:01 pm

@topix

if you look at the code i posted here it will give you a means to identify the different log entries
viewtopic.php?f=10&t=9811
If you like the work I have been doing then feel free to Image
User avatar
kgschlosser
Site Admin
 
Posts: 2702
Joined: Fri Jun 05, 2015 5:43 am
Location: Rocky Mountains, Colorado USA

Re: Syslog forward

Postby Luca Brasi » Fri Sep 08, 2017 7:30 am

Hi,

thanks for this new cool plugin!
I tested it on two machines and it is working!
A few notes and one error message I did find though:
Code: Select all
09:16:24   Traceback (most recent call last) (0.5.0-rc4):
09:16:24     File "wx\_core.pyc", line 16766, in <lambda>
09:16:24     File "C:\Program Files (x86)\EventGhost\eg\Classes\Log.py", line 254, in _WriteLine
09:16:24       listener.WriteLine(line, icon, wRef, when, indent)
09:16:24     File "C:\ProgramData\EventGhost\plugins\Log2Syslog\__init__.py", line 193, in WriteLine
09:16:24       MSG += line.encode('utf-8')
09:16:24   UnicodeDecodeError: 'ascii' codec can't decode byte 0xc3 in position 42: ordinal not in range(128)

This comes up a lot in the eg log. The syslog is still written though. See attached log.

One more thing: There is this log redirector plugin which is writing the log to a file. If it is enabled Log2Syslog will not work which is kind of expected.
Maybe the plugins could be combined into one?
Attachments
mmhtpc.log
(93.37 KiB) Downloaded 6 times
Win8.1 x64 Prof. / Eventghost latest / auvisio vrc-1100-plugin and MCE Plugin / auvisio vrc-1100 and MCE Receiver / Logitech Harmony Hub / MediaPortal
User avatar
Luca Brasi
Experienced User
 
Posts: 225
Joined: Sat Oct 11, 2008 12:39 pm

Re: Syslog forward

Postby topix » Fri Sep 08, 2017 6:16 pm

Please edit the plugin file and in line 192 remove
Code: Select all
.encode('utf-8')
from
Code: Select all
MSG += line.encode('utf-8')
so you have only
Code: Select all
MSG += line


It looks like the contents of 'line' is already in unicode and i doubled the encoding.

Regarding the other plugin: What are your settings for the other plugin? I've tested it and both together works for me.
topix
Experienced User
 
Posts: 350
Joined: Sat May 05, 2007 3:43 pm
Location: Germany

Re: Syslog forward

Postby Luca Brasi » Mon Sep 11, 2017 1:26 pm

topix wrote:Please edit the plugin file and in line 192 remove
Code: Select all
.encode('utf-8')
from
Code: Select all
MSG += line.encode('utf-8')
so you have only
Code: Select all
MSG += line


It looks like the contents of 'line' is already in unicode and i doubled the encoding.


Ok, thanks. Did what you said and it is looking good!




topix wrote:Regarding the other plugin: What are your settings for the other plugin? I've tested it and both together works for me.


I have set it up like this:
[cannot upload screenshot atm. Don't know whats wrong]
Second radio button is set to enable standard eg log and the file.
File commit is set to 2 sec.
File is stripped at 2MB to 1MB.

If I log have Log2Syslog before log redirector in the autostart I will get log entries in the syslog server until the log redirector plugin is loaded.
Win8.1 x64 Prof. / Eventghost latest / auvisio vrc-1100-plugin and MCE Plugin / auvisio vrc-1100 and MCE Receiver / Logitech Harmony Hub / MediaPortal
User avatar
Luca Brasi
Experienced User
 
Posts: 225
Joined: Sat Oct 11, 2008 12:39 pm


Return to Feature Requests

Who is online

Users browsing this forum: No registered users and 3 guests