search

pzbw / eventlog-to-syslog

Automatically exported from code.google.com/p/eventlog-to-syslog
0 stars 0 forks source link

Add Custom Field #12

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago 
Hello
Is possible add an additional field in the record log that i send to DB.
The field must be of type string, and customizable for each client.

Tahnks in advance

Original issue reported on code.google.com by roberto....@gmail.com on 27 Aug 2010 at 4:01

GoogleCodeExporter commented 8 years ago 
What type of field are you looking for, or what problem are you trying to 
solve? Is the hostname not sufficient?

-Sherwin

Original comment by sherwin....@gmail.com on 10 Sep 2010 at 12:48

GoogleCodeExporter commented 8 years ago

Original comment by sherwin....@gmail.com on 10 Sep 2010 at 1:00

GoogleCodeExporter commented 8 years ago 
Hi Roberto, I'm not sure if this is still a problem for you, but since I have 
not heard back I will go ahead and close this issue. Let me know if you still 
have a need in this area and I will reopen it.

Thanks,

Sherwin

Original comment by sherwin....@gmail.com on 4 Nov 2010 at 4:33

GoogleCodeExporter commented 8 years ago 
Hi Sherwin
this is not a problem for me but a necessity!
If you can change the code and add this integration I would be grateful
Many Thanks

Roberto

Original comment by roberto....@gmail.com on 4 Nov 2010 at 6:40

GoogleCodeExporter commented 8 years ago 
Roberto, check the latest changes in 4.4 and let me know if this works for you.

-Sherwin

Original comment by sherwin....@gmail.com on 29 Nov 2010 at 7:21

GoogleCodeExporter commented 8 years ago 
Hi Sherwin i check it ... many many thanks in advance

Original comment by roberto....@gmail.com on 29 Nov 2010 at 8:47

GoogleCodeExporter commented 8 years ago 
Sherwin I'm sorry but I do not see where you added the field in which to place 
a specific value

Original comment by roberto....@gmail.com on 29 Nov 2010 at 8:57

GoogleCodeExporter commented 8 years ago 
I did not add that particular feature. I wanted to first see if any of
these changes worked for you.

What need are you trying to meet may I ask?

-Sherwin

Original comment by sherwin....@gmail.com on 29 Nov 2010 at 9:01

GoogleCodeExporter commented 8 years ago 
Ah ok I understand ...

I have to collect and send the logs from many different servers and
locations and I want to add a personal id to every server/location.
That's why I need to add a custom field.
Many thanks

Original comment by roberto....@gmail.com on 1 Dec 2010 at 6:57

GoogleCodeExporter commented 8 years ago 
Hi Sherwin 

please you think is possible to add the custom field???
Many thanks 
Roberto

Original comment by roberto....@gmail.com on 2 Mar 2011 at 12:54

GoogleCodeExporter commented 8 years ago 
Hi,
I needed something like that. I need to tag every message in order to classify 
by content with syslog-ng. So, i've patched evtsys an added a new option to 
send a custom string as syslog program field. 
You can use -t TAG on install or add a new registry key "Tag" (REG_SZ). An 
example with -t EventLog:

Mar  5 22:10:52 WXP EventLog: MSSQL$SQLEXPRESS: 19030: Se inició el Id. de 
Traza de SQL 1 con el inicio de sesión "sa". 

(Yes, I'm spanish. This is why my english is so bad :)

Sherwin, may you check the attached diff?

Regards,

Original comment by wired...@gmail.com on 5 Mar 2011 at 9:29

Attachments:

GoogleCodeExporter commented 8 years ago 
Hi ... 
YES this is what I need
Please you can send me a binary version.
Many thanks 
Roberto

Original comment by roberto....@gmail.com on 6 Mar 2011 at 11:11

GoogleCodeExporter commented 8 years ago 
Ok, this is the 32bit binaries.

Original comment by wired...@gmail.com on 6 Mar 2011 at 6:28

Attachments:

GoogleCodeExporter commented 8 years ago 
Thank you very much!!!! wired
I hope Sherwin include it in the next release

Roberto

Original comment by roberto....@gmail.com on 6 Mar 2011 at 10:33

GoogleCodeExporter commented 8 years ago 
Thanks wired, I will look into adding this into the next release. That may be a 
few weeks out since I have to do some extensive testing of the TCP support.

Original comment by sherwin....@gmail.com on 7 Mar 2011 at 4:17

GoogleCodeExporter commented 8 years ago 
I´ll agree here, adding a custom tag would be awesome to trigger specific 
messages.
I'm using Rsyslog with

:syslogtag, contains, "Win" /var/log/windows
& >localhost,Syslog,rsyslog,password;dbFormat
& ~

Which triggers ALL snare parsed messages as they have WinSysEvent tag - and 
allows me to split Linux/Windows based messages nicely.

Original comment by kleindl....@gmail.com on 29 Mar 2011 at 8:27

GoogleCodeExporter commented 8 years ago 
I have completed adding this feature to the utility. The code has been 
uploaded, but I have not yet created the binaries. I will attempt to do that 
this weekend.

Thanks for your help wired.

Original comment by sherwin....@gmail.com on 1 Apr 2011 at 4:27

GoogleCodeExporter commented 8 years ago 
The binaries will be created tonight

Original comment by sherwin....@gmail.com on 8 Apr 2011 at 12:38