From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 60077 invoked by alias); 3 Jun 2019 06:53:59 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 60070 invoked by uid 89); 3 Jun 2019 06:53:59 -0000 Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-0.7 required=5.0 tests=AWL,BAYES_05,FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM,RCVD_IN_DNSWL_NONE,SPF_PASS autolearn=no version=3.3.1 spammy=unsubscribe-simple, unsubscribesimple, Canada, much! X-HELO: mail-wr1-f66.google.com Received: from mail-wr1-f66.google.com (HELO mail-wr1-f66.google.com) (209.85.221.66) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Mon, 03 Jun 2019 06:53:57 +0000 Received: by mail-wr1-f66.google.com with SMTP id w13so10696380wru.11 for ; Sun, 02 Jun 2019 23:53:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :content-transfer-encoding; bh=HffwVUQlWM/TXTqTJJl/1Rbo63wQ+NJzkmjHfTwa/YA=; b=Ouse5uaXRI3e3/xwavt1rGbsSqy9Ou1qF3Cj06hoW4VHMk5YPLhRWIbKpDHbwOtvWN AYPgE9PB9SWaVfByYF4ivCTAod6T7Ri9O4sHmOUxCNZTbfZl/djUDgvq6mQWMY9UEyHF j7CRHmsmdNtLADBKiRIyztO1jjY94n9qiaudHGH6K0vhQB/vrqxB65E6KSvXSclyYvXE 5i1Inxo2bDqlieXOy5dmsUs+I2Q6g6uvLo+NQSygRgxNVh1YzLATI0rokQZzZEQAfsHb YMWEz8qVbhxHCwMkLrTpkI20a7W3s65yxJn0OKM/x2PjP6HbQKVHYCjPhGBOQVg4ZjN8 j6UA== MIME-Version: 1.0 References: <971084dc-5712-08bf-5797-63818d3055a0@SystematicSw.ab.ca> In-Reply-To: <971084dc-5712-08bf-5797-63818d3055a0@SystematicSw.ab.ca> From: Pavel Timofeev Date: Mon, 03 Jun 2019 06:53:00 -0000 Message-ID: Subject: Re: Logs from logger don't appear in EventLog To: Brian.Inglis@systematicsw.ab.ca, cygwin@cygwin.com Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-IsSubscribed: yes X-SW-Source: 2019-06/txt/msg00007.txt.bz2 =D1=81=D0=B1, 1 =D0=B8=D1=8E=D0=BD. 2019 =D0=B3. =D0=B2 17:08, Brian Inglis= : > > On 2019-06-01 00:14, Pavel Timofeev wrote: > > =D1=81=D1=80, 29 =D0=BC=D0=B0=D1=8F 2019 =D0=B3. =D0=B2 16:40, Pavel Ti= mofeev: > >> =D0=B2=D1=82, 28 =D0=BC=D0=B0=D1=8F 2019 =D0=B3., 19:41 Pavel Timofeev: > >>> I see here and there that if any kind of syslog daemon is not > >>> installed in Cygwin all messages sent to syslog will appear in > >>> EventLog. > >>> I couldn't find a documentation piece about how (and when) logging > >>> work in Cygwin, only some emails in maillists. > >>> Ok, here is my problem. I install cygwin on Windows 2008 R2 x64. Then > >>> I install only two services in Cygwin: cron and sshd. No syslog daemon > >>> at all. I want to see all syslog messages in EventLog. > >>> And I see messages from sshd and cron in EventLog, but when I run > >>> logger utility I can't see them in EventLog: > >>> /usr/bin/logger BLABLA > >>> Am I missing something that matters? I need your help and expertise! > >> Sorry, cygwin version 3.0.7, fresh installation with latest available = packages > > Just installed cygwin 3.0.7 on my home Windows 10. > > No luck, no any messages from logger in any EventLog. > > Works fine for me with syslog-ng syslogd: > $ ls -lF /dev/log > srw-rw-rw- 1 SYSTEM SYSTEM 0 May 29 22:37 /dev/log=3D > $ logger test > $ tail -1 /var/log/syslog | cygcheck-hrsv.sed > Jun 1 07:04:52 $HOSTNAME $USER: test > > As logger sends messages to /dev/log which may be a regular file, not a U= NIX > domain socket, or syslog UDP socket on port 514, in syslog format, rather= than > calling openlog/closelog/syslog(3), the messages may not go to the fallba= ck > Windows Event Log. That's a lot! This clearly explains what's going on. I've tried simple python example from https://docs.python.org/2/library/syslog.html#syslog.openlog which is a wrapper around openlog/closelog/syslog(3) calls. And bingo, I see messages in EventLog. I'm surprised that current logger implementation uses /dev/log or network socket only, and there is no way to ask it to use openlog/closelog/syslog(3) calls. However in the man page it tells that it used them back in days.That's sad. I've tried to play with --socket-errors=3D logger option also. No luck. As workaround I could write logger in python/perl/any_lang that uses openlog/closelog/syslog(3) calls, name it logger and place somewhere earlier in PATH > You should ensure that /dev/log does not exist as a regular file, as that= could > affect logging: > $ ls -lF /dev/log > If not a socket (=3D flag), check the contents for your logging tests. > Then delete /dev/log, and retest. > > You may need to run something like: > https://www.codeproject.com/Articles/18086/Syslog-daemon-for-Windows-Even= tlog > to put syslog messages into the Windows Event Log. > > -- > Take care. Thanks, Brian Inglis, Calgary, Alberta, Canada > > This email may be disturbing to some readers as it contains > too much technical detail. Reader discretion is advised. > > -- > Problem reports: http://cygwin.com/problems.html > FAQ: http://cygwin.com/faq/ > Documentation: http://cygwin.com/docs.html > Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Thank you so much! -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple