My favorites | Sign in
Project Home Downloads Wiki Issues Source
Summary   People
Project Information
Members
Featured
Downloads

Eventlog to Syslog Service for Windows

This program is written in C and provides a method of sending Windows Eventlog events to a syslog server. It works with the new Windows Events service found in Vista and Server 2008 and can be compiled for both 32 and 64-bit environments. Designed to keep up with very busy servers, it is fast, light, and efficient. The program is designed to run as a windows service.

It is an adaption of Curtis Smith's Eventlog to Syslog service found at https://engineering.purdue.edu/ECN/Resources/Documents/UNIX/evtsys/

It contains the following improvements on Smith's utility:

Update:

  • Added a new download file per user request. It's available in the downloads section as well as under the 4.4.3 tag's Executables folders. It is exactly the same as the 4.4.3 source code, built with a maximum message size of 4096.

v4.4.3:

  • Improved performance in Server 2008 by implementing event subscriptions. Thanks to Martin for pointing me in the right direction.

v4.4.2:

  • Added support for custom tags from a server. Use the -t flag when installing (Thanks wired)
  • Added support for up to four log hosts simultaneously
  • Fix a bug that causes excessive errors when an event cannot be retrieved on Server 2008
  • Fix an issue not allowing a log level of 4 to be valid
  • Began support for configurable maximum log size. Not yet completed
  • Lightly tested TCP support has been implemented. Error checking and fault tolerance not yet finished. Documentation will be forthcoming for those who want to help test it

v4.4.1:

  • Fixed a bug checking the windows events engine installed

v4.4:

  • Finally added the ability to send only specified events
  • Set Audit Failures to show as Error instead of Notice on Vista/2k8+
  • Allow user to specify the minimum severity to process
  • Added registry keys to configure the minimum severity and mode
  • The keys are LogLevel and IncludeOnly. Both DWORD values where 0 equals disabled. See readme for additional details.

v4.3.1:

  • Bugfix: Fixed bug where hostnames on Server 2003 and earlier were getting an extra leading space.

Powered by Google Project Hosting