Send-ToSyslog



Summary

Sends a message to a syslog server

Syntax

Send-ToSyslog [-message] <Object> [[-severity] {emergency | alert | critical | error | warning | notice | informational | debug}] [[-facility] {kernel_message | user_message | mail_system | system_daemon | auth | syslog_internal | lpr | news | uucp | clock | secauth | ftp | ntp | log_audit | log_alert | cron | local0 | local1 | local2 | local3 | local4 | local5 | local6 | local7}] [[-clientname] <String>] [[-timestamp] <String>] [[-port] <Int32>] [[-tcp]] [[-tcpframing] <String>] [[-maxlen] <Int32>] [[-PassThru]] [[-target] <String>] [<CommonParameters>]

Description

This command forwards data to a syslog server. This command currently supports UDP (default) and TCP connections. For more information, see RFC 5424 in the 'See also' section.

Parameters

Name Argument Description
message <Object> Specifies the message to send
severity <syslog_severity_t> Specifies the severity of the message. If not specified, the severity defaults to 'Informational'.
facility <syslog_facility_t> Specifies the facility of the message. If not specified, the facility defaults to 'User Message'.
clientname <String> Specifies the client name. If not specified, this command uses the current computer name.
timestamp <String> Specifies the event time stamp. If not specified, this command uses the current time.
port <Int32> Specifies the target port. If not specified and HPSINK_SYSLOG_MESSAGE_TARGET_PORT is not set, this command uses port 514 for both TCP and UDP.
tcp If specified, this command uses TCP instead of UDP. Default is UDP. Switching to TCP may generate additional traffic but allows the protocol to acknowledge delivery.
tcpframing <String> Specifies octet-counting or non-transparent-framing TCP framing. This parameter only applies if the -tcp parameter is specified. Default value is octet-counting unless HPSINK_SYSLOG_MESSAGE_TCPFRAMING is specified. For more information, see RFC 6587 in the "See also" section.
maxlen <Int32> Specifies maximum length (in bytes) of message that the syslog server accepts. Common sizes are between 480 and 2048 bytes. Default is 2048 if not specified and HPSINK_SYSLOG_MESSAGE_MAXLEN is not set.
PassThru If specified, this command sends the message to the pipeline upon completion and any error in the command is non-terminating.
target <String> Specifies the target computer on which to perform this operation. Local computer is assumed if not specified and HPSINK_SYSLOG_MESSAGE_TARGET is not set.

Inputs

The message can be piped to this command, rather than provided via the -message parameter.

Outputs

The message can be piped to this command, rather than provided via the -message parameter.

Notes

This command supports the following environment variables. These overwrite the defaults documented above.

  • HPSINK_SYSLOG_MESSAGE_TARGET_PORT: override default target port
  • HPSINK_SYSLOG_MESSAGE_TCPFRAMING: override TCP Framing format
  • HPSINK_SYSLOG_MESSAGE_MAXLEN: override syslog message max length
  • HPSINK_SYSLOG_MESSAGE_TARGET: override host name of the syslog server

Defaults can be configured via the environment. This affects all related commands. For example, when applying them to eventlog-related commands, all eventlog-related commands are affected.

In the following example, the HPSINK_EVENTLOG_MESSAGE_TARGET and HPSINK_EVENTLOG_MESSAGE_SOURCE variables affect both the Register-EventLogSink and Send-ToEventLog commands.

$ENV:HPSINK_EVENTLOG_MESSAGE_TARGET="remotesyslog.mycompany.com"
$ENV:HPSINK_EVENTLOG_MESSAGE_SOURCE="mysource"
Register-EventLogSink
"hello" | Send-ToEventLog

Examples


PS C:\> "hello" | Send-ToSyslog -tcp -server mysyslogserver.mycompany.com PS C:\> This sends "hello" to the syslog server on mysyslogserver.mycompany.com via TCP. Alternately, the syslog server could be set in the environment variable HPSINK_SYSLOG_MESSAGE_TARGET.

See also