EdwardTim / eventlog-to-syslog

Automatically exported from code.google.com/p/eventlog-to-syslog

Use FQDN in message instead of 'windows computer name' [patch] #45

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
We'd like to feed the event logs into a SIEM. In order to do correlation, the 
SIEM needs the IP address (or a resolvable hostname) and using %COMPUTERNAME% 
doesn't get us there. The attached patch will find the first IP address on the 
system and use that in the syslog message. If the IP is resolvable to a FQDN, 
then that will be used. This feature is optional by specifying the command line 
option "-a" when installing the service. 

Original issue reported on code.google.com by jeff.murphy on 20 Jul 2011 at 5:53

Attachments:

GoogleCodeExporter commented 8 years ago
Hmm. This got submitted as a defect, but is an enhancement. 

Original comment by jeff.murphy on 20 Jul 2011 at 5:53

GoogleCodeExporter commented 8 years ago
Thanks Jeff, I will look at adding this to the next release.

-Sherwin

Original comment by sherwin....@gmail.com on 1 Aug 2011 at 3:44

GoogleCodeExporter commented 8 years ago
Fixed, awaiting build and test.

Original comment by sherwin....@gmail.com on 16 Oct 2012 at 4:39