fr Park:
You can try something like this:
require 'socket'
require 'win32/eventlog'
include Win32

syslog_dest = 13                    # syslog PRI value, sent as <13>
syslog_port = 514
syslog_server = '192.168.123.122'
s = UDPSocket.new
# Tail the Application log and forward each new record as one UDP datagram
EventLog.open('Application').tail{ |log|
  message = "WinEventLog #{log.time_generated.asctime}||#{log.event_type}||#{log.source}||#{log.computer}||#{log.user}||#{log.description}"
  s.send("<#{syslog_dest}>#{message}",0,syslog_server,syslog_port)
}
Sweet.
But the udp just reminded that i’m sending security logs that i do _not_ want to miss.
Do you know of any syslog-like module that uses tcp? Is this possible using a drb-like framework?
kind regards -botp
remote syslog works on UDP. If you want to use TCP, you’re not going to use syslog. Two options:
1) examine how likely your system is to drop packets. UDP usually drops packets in the kernel (either your computers or your routers) when the network stack is congested or busy - it’s easy to write a test program that will make it happen, but quite rare in many local networks. (Over the Internet, forget it.)
2) Use a reliable message-queueing system of some kind.
But the udp just reminded that i’m sending security logs that i do _not_ want to miss.
Do you know of any syslog-like module that uses tcp? Is this possible using a drb-like framework?
On the unix side there are tcp based syslog implementations (see syslog-ng).
Don’t know if it is possible to use them on MS systems.
Cheers,
Steph.
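
Added example, not part of the thread: a Ruby sender that swaps the UDP socket for TCP, keeps each event queued until it has been written, and reconnects after a failure. The class name, the `connector` parameter and the one-message-per-line framing are assumptions; the receiver is assumed to be a TCP syslog listener that accepts newline-delimited messages.

```ruby
require 'socket'

# Added example: queue-and-retry syslog sender over TCP (names are hypothetical).
class TcpSyslogSender
  attr_reader :pending

  # connector: callable returning an IO-like object; by default a TCP socket.
  def initialize(host, port, pri: 13, connector: nil)
    @connector = connector || -> { TCPSocket.new(host, port) }
    @pri = pri
    @pending = []   # framed events not yet written to a connection
    @sock = nil
  end

  # One record per line. Event descriptions are often multi-line, and an
  # embedded newline would split the record or let log content forge a new one.
  def frame(message)
    "<#{@pri}>#{message.gsub(/[\r\n]+/, ' ')}\n"
  end

  # Queue the event, then try to drain the queue.
  # Returns the number of events still waiting to be sent.
  def log(message)
    @pending << frame(message)
    flush
  end

  def flush
    until @pending.empty?
      @sock ||= @connector.call
      @sock.write(@pending.first)
      @pending.shift            # dequeue only after the write succeeded
    end
    0
  rescue SystemCallError, IOError, SocketError
    # Connection refused or reset: drop the socket, keep the events for retry.
    @sock&.close rescue nil
    @sock = nil
    @pending.size
  end
end
```

A successful TCP write only means the data reached the local kernel, not the collector, so events that must not be lost still need a receiver-side acknowledgement or an on-disk spool. The in-memory queue here is unbounded and is lost if the process exits.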