Syslog lib/module for remote logging

ruby-talk
1

fr Park:
# You can try something like this:

···

#
# require 'socket'
# require 'win32/eventlog'
# include Win32
#
# syslog_dest = 13
# syslog_port = 514
# syslog_server = '192.168.123.122'
#
# s = UDPSocket.new
# EventLog.open('Application').tail{ |log|
# message = "WinEventLog
# #{log.time_generated.asctime}||#{log.event_type}||#{log.source
# }||#{log.computer}||#{log.user}||#{log.description}"
# s.send("<#{syslog_dest}>#{message}",0,syslog_server,syslog_port)
# }

Sweet.
But the udp just reminded that i'm sending security logs that i do _not want to miss.

Do you know of any syslog-like module that uses tcp? Is this possible using a drb-like framework?

kind regards -botp

2

remote syslog works on UDP. If you want to use TCP, you're not going to use
syslog. Two options: 1) examine how likely your system is to drop packets.
UDP usually drops packets in the kernel (either your computers or your
routers) when the network stack is congested or busy- it's easy to write a
test program that will make it happen, but quite rare in many local
networks. (Over the Internet, forget it.) 2) Use a reliable message-queueing
system of some kind.

···

On 6/2/06, Peña, Botp <botp@delmonte-phil.com> wrote:

fr Park:
# You can try something like this:
#
# require 'socket'
# require 'win32/eventlog'
# include Win32
#
# syslog_dest = 13
# syslog_port = 514
# syslog_server = '192.168.123.122'
#
# s = UDPSocket.new
# EventLog.open('Application').tail{ |log|
# message = "WinEventLog
# #{log.time_generated.asctime}||#{log.event_type}||#{log.source
# }||#{log.computer}||#{log.user}||#{log.description}"
# s.send("<#{syslog_dest}>#{message}",0,syslog_server,syslog_port)
# }

Sweet.
But the udp just reminded that i'm sending security logs that i do _not
want to miss.

Do you know of any syslog-like module that uses tcp? Is this possible
using a drb-like framework?

kind regards -botp

3

* Peña, Botp <botp@delmonte-phil.com> [060602 11:04]:

But the udp just reminded that i'm sending security logs that i do
_not want to miss.

Do you know of any syslog-like module that uses tcp? Is this possible
using a drb-like framework?

On unix side there are tcp base syslog implementations (see syslog-ng).
Don't know if it is possible to use them on MS systems.

Cheers,

Steph.