Logs from logger don't appear in EventLog

Pavel Timofeev timp87@gmail.com
Mon Jun 3 06:53:00 GMT 2019


сб, 1 июн. 2019 г. в 17:08, Brian Inglis <Brian.Inglis@systematicsw.ab.ca>:
>
> On 2019-06-01 00:14, Pavel Timofeev wrote:
> > ср, 29 мая 2019 г. в 16:40, Pavel Timofeev:
> >> вт, 28 мая 2019 г., 19:41 Pavel Timofeev:
> >>> I see here and there that if any kind of syslog daemon is not
> >>> installed in Cygwin all messages sent to syslog will appear in
> >>> EventLog.
> >>> I couldn't find a documentation piece about how (and when) logging
> >>> work in Cygwin, only some emails in maillists.
> >>> Ok, here is my problem. I install cygwin on Windows 2008 R2 x64. Then
> >>> I install only two services in Cygwin: cron and sshd. No syslog daemon
> >>> at all. I want to see all syslog messages in EventLog.
> >>> And I see messages from sshd and cron in EventLog, but when I run
> >>> logger utility I can't see them in EventLog:
> >>>      /usr/bin/logger BLABLA
> >>> Am I missing something that matters? I need your help and expertise!
> >> Sorry, cygwin version 3.0.7, fresh installation with latest available packages
> > Just installed cygwin 3.0.7 on my home Windows 10.
> > No luck, no any messages from logger in any EventLog.
>
> Works fine for me with syslog-ng syslogd:
> $ ls -lF /dev/log
> srw-rw-rw- 1 SYSTEM SYSTEM 0 May 29 22:37 /dev/log=
> $ logger test
> $ tail -1 /var/log/syslog | cygcheck-hrsv.sed
> Jun  1 07:04:52 $HOSTNAME $USER: test
>
> As logger sends messages to /dev/log which may be a regular file, not a UNIX
> domain socket, or syslog UDP socket on port 514, in syslog format, rather than
> calling openlog/closelog/syslog(3), the messages may not go to the fallback
> Windows Event Log.

That's a lot! This clearly explains what's going on.
I've tried simple python example from
https://docs.python.org/2/library/syslog.html#syslog.openlog which is
a wrapper around openlog/closelog/syslog(3) calls. And bingo, I see
messages in EventLog.
I'm surprised that current logger implementation uses /dev/log or
network socket only, and there is no way to ask it to use
openlog/closelog/syslog(3) calls. However in the man page it tells
that it used them back in days.That's sad.
I've tried to play with --socket-errors=  logger option also. No luck.
As workaround I could write logger in python/perl/any_lang that uses
openlog/closelog/syslog(3) calls, name it logger and place somewhere
earlier in PATH


> You should ensure that /dev/log does not exist as a regular file, as that could
> affect logging:
> $ ls -lF /dev/log
> If not a socket (= flag), check the contents for your logging tests.
> Then delete /dev/log, and retest.
>
> You may need to run something like:
> https://www.codeproject.com/Articles/18086/Syslog-daemon-for-Windows-Eventlog
> to put syslog messages into the Windows Event Log.
>
> --
> Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada
>
> This email may be disturbing to some readers as it contains
> too much technical detail. Reader discretion is advised.
>
> --
> Problem reports:       http://cygwin.com/problems.html
> FAQ:                   http://cygwin.com/faq/
> Documentation:         http://cygwin.com/docs.html
> Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple


Thank you so much!

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple



More information about the Cygwin mailing list