Summary
Sends a message to a syslog server
Syntax
Send-ToSyslog [-message] <Object> [[-severity] {emergency | alert | critical | error | warning | notice | informational | debug}] [[-facility] {kernel_message | user_message | mail_system | system_daemon | auth | syslog_internal | lpr | news | uucp | clock | secauth | ftp | ntp | log_audit | log_alert | cron | local0 | local1 | local2 | local3 | local4 | local5 | local6 | local7}] [[-clientname] <String>] [[-timestamp] <String>] [[-port] <Int32>] [[-tcp]] [[-tcpframing] <String>] [[-maxlen] <Int32>] [[-PassThru]] [[-target] <String>] [<CommonParameters>]
Description
This command forwards data to a syslog server. This command currently supports UDP (default) and TCP connections. For more information, see RFC 5424 in the 'See also' section.
Parameters
Name | Argument | Description |
---|---|---|
message | <Object> | Specifies the message to send |
severity | <syslog_severity_t> | Specifies the severity of the message. If not specified, the severity defaults to 'Informational'. |
facility | <syslog_facility_t> | Specifies the facility of the message. If not specified, the facility defaults to 'User Message'. |
clientname | <String> | Specifies the client name. If not specified, this command uses the current computer name. |
timestamp | <String> | Specifies the event time stamp. If not specified, this command uses the current time. |
port | <Int32> | Specifies the target port. If not specified and HPSINK_SYSLOG_MESSAGE_TARGET_PORT is not set, this command uses port 514 for both TCP and UDP. |
tcp | If specified, this command uses TCP instead of UDP. Default is UDP. Switching to TCP may generate additional traffic but allows the protocol to acknowledge delivery. | |
tcpframing | <String> | Specifies octet-counting or non-transparent-framing TCP framing. This parameter only applies if the -tcp parameter is specified. Default value is octet-counting unless HPSINK_SYSLOG_MESSAGE_TCPFRAMING is specified. For more information, see RFC 6587 in the "See also" section. |
maxlen | <Int32> | Specifies maximum length (in bytes) of message that the syslog server accepts. Common sizes are between 480 and 2048 bytes. Default is 2048 if not specified and HPSINK_SYSLOG_MESSAGE_MAXLEN is not set. |
PassThru | If specified, this command sends the message to the pipeline upon completion and any error in the command is non-terminating. | |
target | <String> | Specifies the target computer on which to perform this operation. Local computer is assumed if not specified and HPSINK_SYSLOG_MESSAGE_TARGET is not set. |
Inputs
The message can be piped to this command, rather than provided via the -message parameter.
Outputs
The message can be piped to this command, rather than provided via the -message parameter.
Notes
This command supports the following environment variables. These overwrite the defaults documented above.
- HPSINK_SYSLOG_MESSAGE_TARGET_PORT: override default target port
- HPSINK_SYSLOG_MESSAGE_TCPFRAMING: override TCP Framing format
- HPSINK_SYSLOG_MESSAGE_MAXLEN: override syslog message max length
- HPSINK_SYSLOG_MESSAGE_TARGET: override host name of the syslog server
Defaults can be configured via the environment. This affects all related commands. For example, when applying them to eventlog-related commands, all eventlog-related commands are affected.
In the following example, the HPSINK_EVENTLOG_MESSAGE_TARGET and HPSINK_EVENTLOG_MESSAGE_SOURCE variables affect both the Register-EventLogSink and Send-ToEventLog commands.
$ENV:HPSINK_EVENTLOG_MESSAGE_TARGET="remotesyslog.mycompany.com"
$ENV:HPSINK_EVENTLOG_MESSAGE_SOURCE="mysource"
Register-EventLogSink
"hello" | Send-ToEventLog
Examples
PS C:\> "hello" | Send-ToSyslog -tcp -server mysyslogserver.mycompany.com
PS C:\> This sends "hello" to the syslog server on mysyslogserver.mycompany.com via TCP. Alternately, the syslog server could be set in the environment variable HPSINK_SYSLOG_MESSAGE_TARGET.