Using logger to send file data to syslogd

If you find yourself needing to have the contents of an ASCII text file written to syslog, then consider the use of the logger command. This comes with most Unix distributions and has also been ported to the Windows platform.

There may be times when an application or system only logs to a text file and this data needs to be collected into your log management solution. For this example, I'll assume the log file is an ASCII text file with single-line entries and that its name is logdata.log. In this scenario, you can use the logger command to read each line of the file and send it to the local syslog daemon.

The logger command has several command-line parameters that give additional control over how the log messages are written to syslog. There are subtle differences between the Unix-based and Windows logger commands, as seen in the syntax below:

Syntax of logger:

logger [-isd] [-f file] [-p pri] [-t tag] [-u socket] [message …]

Logger makes entries in the system log. It provides a shell command interface to the syslog system log module.

Options:
-i        Log the process id of the logger process with each line.
-s        Log the message to standard error, as well as the system log.
-f file   Log the specified file.
-p pri    Enter the message with the specified priority. The priority may be specified numerically or as a "facility.level" pair. For example, "-p local3.info" logs the message(s) as informational level in the local3 facility. The default is "user.notice".
-t tag    Mark every line in the log with the specified tag.
-u sock   Write to socket as specified with socket instead of builtin syslog routines.
-d        Use a datagram instead of a stream connection to this socket.
--        End the argument list. This is to allow the message to start with a hyphen (-).
message   Write the message to log; if not specified, and the -f flag is not provided, standard input is logged.

The logger utility exits 0 on success, and >0 if an error occurs.
Valid facility names are: auth, authpriv (for security information of a sensitive nature), cron, daemon, ftp, kern, lpr, mail, news, security (deprecated synonym for auth), syslog, user, uucp, and local0 to local7, inclusive.

An example is shown below:

logger -f logdata.log -p local4.alert Transaction rejected due to invalid data type.

Where the following is true:

logdata.log is the file containing the log messages to be written to syslog.
local4.alert is the facility and severity the log message will have when written to syslog.
“Transaction rejected due to invalid data type.” is the message that is written to syslog.
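
An added example (not part of the original post): a POSIX shell function for the scenario above, where logdata.log keeps growing and only the lines appended since the last run should reach syslog. The state-file path, the myapp tag and the LOGGER_CMD override are assumptions made for this example; it relies on logger reading standard input when neither -f nor a message is given.

```sh
#!/bin/sh
# Added example: forward only newly appended lines of a text log to syslog.
# LOGGER_CMD is a hypothetical override (handy for dry runs); default is logger.
LOGGER_CMD=${LOGGER_CMD:-logger}

# ship_new_lines FILE STATE PRI TAG
#   FILE  log file to forward, e.g. logdata.log
#   STATE file holding the byte offset already sent (path is an assumption)
#   PRI   facility.level pair, e.g. local4.alert
#   TAG   tag for every line, so the source application is identifiable
# Prints the number of lines handed to logger.
ship_new_lines() {
    file=$1 state=$2 pri=$3 tag=$4
    [ -r "$file" ] || { echo "cannot read $file" >&2; return 1; }

    size=$(( $(wc -c < "$file") ))
    offset=0
    if [ -f "$state" ]; then read -r offset < "$state" || offset=0; fi
    case $offset in ''|*[!0-9]*) offset=0 ;; esac   # ignore a corrupt state file
    # A file shorter than the saved offset was rotated or truncated: start over.
    if [ "$offset" -gt "$size" ]; then offset=0; fi

    chunk=$(mktemp) || return 1
    tail -c +"$((offset + 1))" "$file" > "$chunk"
    # wc -l counts newlines, so a half-written last line waits for the next run.
    lines=$(( $(wc -l < "$chunk") ))
    if [ "$lines" -gt 0 ]; then
        # No -f and no message argument: logger logs its standard input.
        if ! head -n "$lines" "$chunk" | "$LOGGER_CMD" -p "$pri" -t "$tag"; then
            rm -f "$chunk"; return 1
        fi
        sent=$(( $(head -n "$lines" "$chunk" | wc -c) ))
        echo "$((offset + sent))" > "$state"
    fi
    rm -f "$chunk"
    echo "$lines"
}

# Typical use from cron:
#   ship_new_lines logdata.log /var/tmp/logdata.offset local4.alert myapp
```

Rotation is detected by file size only, so a rotated file that has already grown past the saved offset needs the state file reset by hand. On the util-linux version of logger, -f cannot be combined with a command-line message, so file contents and one-off messages go in separate invocations there.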



Windows-based logger:

logger [-?] [-is] [-f file] [-p pri] [-t tag] [-a port] [-l loghost] [-m udp|tcp|3195raw] [message ..]

See more at: http://blog.logrhythm.com/uncategorized/using-logger-to-send-file-data-to-syslogd/
