Logs from logger don't appear in EventLog

Sat Jun 1 14:08:00 GMT 2019

>>> I see here and there that if any kind of syslog daemon is not
>>> installed in Cygwin all messages sent to syslog will appear in
>>> EventLog.
>>> I couldn't find a documentation piece about how (and when) logging
>>> work in Cygwin, only some emails in maillists.
>>> Ok, here is my problem. I install cygwin on Windows 2008 R2 x64. Then
>>> I install only two services in Cygwin: cron and sshd. No syslog daemon
>>> at all. I want to see all syslog messages in EventLog.
>>> And I see messages from sshd and cron in EventLog, but when I run
>>> logger utility I can't see them in EventLog:
>>>      /usr/bin/logger BLABLA
>>> Am I missing something that matters? I need your help and expertise!
>> Sorry, cygwin version 3.0.7, fresh installation with latest available packages
> Just installed cygwin 3.0.7 on my home Windows 10.
> No luck, no any messages from logger in any EventLog.

Works fine for me with syslog-ng syslogd:
$ ls -lF /dev/log
srw-rw-rw- 1 SYSTEM SYSTEM 0 May 29 22:37 /dev/log=
$ logger test
$ tail -1 /var/log/syslog | cygcheck-hrsv.sed
Jun  1 07:04:52 $HOSTNAME $USER: test

As logger sends messages to /dev/log which may be a regular file, not a UNIX
domain socket, or syslog UDP socket on port 514, in syslog format, rather than
calling openlog/closelog/syslog(3), the messages may not go to the fallback
Windows Event Log.

You should ensure that /dev/log does not exist as a regular file, as that could
affect logging:
$ ls -lF /dev/log
If not a socket (= flag), check the contents for your logging tests.
Then delete /dev/log, and retest.

You may need to run something like:
to put syslog messages into the Windows Event Log.

Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada

