This is the mail archive of the
cygwin
mailing list for the Cygwin project.
Re: Logs from logger don't appear in EventLog
- From: Pavel Timofeev <timp87 at gmail dot com>
- To: Brian dot Inglis at systematicsw dot ab dot ca, cygwin at cygwin dot com
- Date: Mon, 3 Jun 2019 09:53:44 +0300
- Subject: Re: Logs from logger don't appear in EventLog
- References: <CAAoTqfuFnTfRsO42FYTo=h1qcvR3Z7NBBhXMexcoyn7EQRwB7g@mail.gmail.com> <CAAoTqfsmdD2bsrr4ADtZfEQnatUxQZ3tkSDQGM4VnK5WO3f6qQ@mail.gmail.com> <CAAoTqftL4dVJSPTt=HUsSsVGa0i5F3uJcGpEY-_tujgNaZXUbg@mail.gmail.com> <971084dc-5712-08bf-5797-63818d3055a0@SystematicSw.ab.ca>
сб, 1 июн. 2019 г. в 17:08, Brian Inglis <Brian.Inglis@systematicsw.ab.ca>:
>
> On 2019-06-01 00:14, Pavel Timofeev wrote:
> > ср, 29 мая 2019 г. в 16:40, Pavel Timofeev:
> >> вт, 28 мая 2019 г., 19:41 Pavel Timofeev:
> >>> I see here and there that if any kind of syslog daemon is not
> >>> installed in Cygwin all messages sent to syslog will appear in
> >>> EventLog.
> >>> I couldn't find a documentation piece about how (and when) logging
> >>> work in Cygwin, only some emails in maillists.
> >>> Ok, here is my problem. I install cygwin on Windows 2008 R2 x64. Then
> >>> I install only two services in Cygwin: cron and sshd. No syslog daemon
> >>> at all. I want to see all syslog messages in EventLog.
> >>> And I see messages from sshd and cron in EventLog, but when I run
> >>> logger utility I can't see them in EventLog:
> >>> /usr/bin/logger BLABLA
> >>> Am I missing something that matters? I need your help and expertise!
> >> Sorry, cygwin version 3.0.7, fresh installation with latest available packages
> > Just installed cygwin 3.0.7 on my home Windows 10.
> > No luck, no any messages from logger in any EventLog.
>
> Works fine for me with syslog-ng syslogd:
> $ ls -lF /dev/log
> srw-rw-rw- 1 SYSTEM SYSTEM 0 May 29 22:37 /dev/log=
> $ logger test
> $ tail -1 /var/log/syslog | cygcheck-hrsv.sed
> Jun 1 07:04:52 $HOSTNAME $USER: test
>
> As logger sends messages to /dev/log which may be a regular file, not a UNIX
> domain socket, or syslog UDP socket on port 514, in syslog format, rather than
> calling openlog/closelog/syslog(3), the messages may not go to the fallback
> Windows Event Log.
That's a lot! This clearly explains what's going on.
I've tried simple python example from
https://docs.python.org/2/library/syslog.html#syslog.openlog which is
a wrapper around openlog/closelog/syslog(3) calls. And bingo, I see
messages in EventLog.
I'm surprised that current logger implementation uses /dev/log or
network socket only, and there is no way to ask it to use
openlog/closelog/syslog(3) calls. However in the man page it tells
that it used them back in days.That's sad.
I've tried to play with --socket-errors= logger option also. No luck.
As workaround I could write logger in python/perl/any_lang that uses
openlog/closelog/syslog(3) calls, name it logger and place somewhere
earlier in PATH
> You should ensure that /dev/log does not exist as a regular file, as that could
> affect logging:
> $ ls -lF /dev/log
> If not a socket (= flag), check the contents for your logging tests.
> Then delete /dev/log, and retest.
>
> You may need to run something like:
> https://www.codeproject.com/Articles/18086/Syslog-daemon-for-Windows-Eventlog
> to put syslog messages into the Windows Event Log.
>
> --
> Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada
>
> This email may be disturbing to some readers as it contains
> too much technical detail. Reader discretion is advised.
>
> --
> Problem reports: http://cygwin.com/problems.html
> FAQ: http://cygwin.com/faq/
> Documentation: http://cygwin.com/docs.html
> Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Thank you so much!
--
Problem reports: http://cygwin.com/problems.html
FAQ: http://cygwin.com/faq/
Documentation: http://cygwin.com/docs.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple