Get-Syslog Cmdlet
Parameters Output Objects Configuration Settings
The Get-Syslog component is used to receive network system log packets.
Syntax
Get-Syslog [parameters]
Remarks
The Syslog cmdlet implements a lightweight BSD syslog server as specified in RFC 3164. The cmdlet is used to receive BSD system network logging packets.
To use Syslog cmdlet you must specify a LocalPort value. Optionally, you can also set the Time property for the amount of seconds that the cmdlet should listen for incoming syslog messages. Setting LocalIP will bind to the specified local interface, this comes in handy when more than one network interfaces are available in the local host. For each packet, the cmdlet will parse the headers and message and return a IncomingSyslog event.
The cmdlets support pipeline input for some of their parameters. Prebuilding an object and piping it to the cmdlet is very useful, but should be used with caution to prevent security conflicts. Steps have been taken to decrease the risk of a possibly accidental pipe to the cmdlet, for instance, the Credential parameter cannot be piped to the cmdlet and must be specified manually.
#receive syslog packets for 20 seconds get-syslog -time 20
Parameter List
The following is the full list of the parameters of the cmdlet with short descriptions. Click on the links for further details.
| LogFile | The location of a file to which debug information is written. |
| Config | Specifies one or more configuration settings. |
| LocalIP | The IP address of the local interface to use. |
| LocalPort | The local port that the component should use. |
| LogFile | The location of a file to which debug information is written. |
| Time | Specifies the time that the Syslog daemon should wait for incoming UDP datagrams. |
Output Objects
The following is the full list of the output objects returned by the cmdlet with short descriptions. Click on the links for further details.
| IncomingSyslog | Created whenever a system log packet is received. |
Configuration Settings
The following is a list of configuration settings for the cmdlet with short descriptions. Click on the links for further details.
| AcceptData | Whether the component can accept/receive data. |
| AppName | Sets the App-Name field in RFC 5424. |
| MsgId | Sets the MsgId field in RFC 5424. |
| ProcId | Sets the ProcId field in RFC 5424. |
| ReceivedAppName | Returns the value of the App-Name field in RFC 5424. |
| ReceivedMsgId | Returns the value of the MsgId field in RFC 5424. |
| ReceivedProcId | Returns the value of the ProcId field in RFC 5424. |
| ReceivedSDElementCount | Returns the number of Structured-data elements in RFC 5424. |
| ReceivedSDElementId | Returns the Sd-Id value of the Sd-element with the specified SDElementIndex in RFC 5424. |
| ReceivedSDElementIndex | Returns the index of the Structured-Data element in RFC 5424. |
| ReceivedSDParamCount | Returns the number of the Sd-param values for the specified SDElementIndex in RFC 5424. |
| ReceivedSDParamName | Returns the name of the SD-Param field in RFC 5424. |
| ReceivedSDParamValue | Returns the value of the SD-Param field in RFC 5424. |
| SDElementCount | Sets the number of Structured-data elements in RFC 5424. |
| SDElementId | Sets the Sd-Id value of the Sd-element with the specified SDElementIndex in RFC 5424. |
| SDElementIndex | Sets the index of the Structured-Data element in RFC 5424. |
| SDParamCount | Sets the number of the Sd-param values for the specified SDElementIndex in RFC 5424. |
| SDParamName | Sets the name of the SD-Param field in RFC 5424. |
| SDParamValue | Sets the value of the SD-Param field in RFC 5424. |
| TCPMessageDelimiter | The message delimiter to use (if any) when sending and receiving over TCP. |
| UseHostname | Determines if the local host name or IP address is used in the Syslog header. |
| UseLocalTime | Indicates whether to use local time or GMT time for packet timestamps. |
| Version | Determines which Syslog version to use. |
| CaptureIPPacketInfo | Used to capture the packet information. |
| DestinationAddress | Used to get the destination address from the packet information. |
| DontFragment | Used to set the Don't Fragment flag of outgoing packets. |
| LocalHost | The name of the local host through which connections are initiated or accepted. |
| LocalPort | The port in the local host where the component binds. |
| MaxPacketSize | The maximum length of the packets that can be received. |
| QOSDSCPValue | Used to specify an arbitrary QOS/DSCP setting (optional). |
| QOSTrafficType | Used to specify QOS/DSCP settings (optional). |
| ShareLocalPort | If set to True, allows more than one instance of the component to be active on the same local port. |
| UseConnection | Determines whether to use a connected socket. |
| UseIPv6 | Whether or not to use IPv6. |
| AbsoluteTimeout | Determines whether timeouts are inactivity timeouts or absolute timeouts. |
| FirewallData | Used to send extra data to the firewall. |
| InBufferSize | The size in bytes of the incoming queue of the socket. |
| OutBufferSize | The size in bytes of the outgoing queue of the socket. |
| BuildInfo | Information about the product's build. |
| CodePage | The system code page used for Unicode to Multibyte translations. |
| LicenseInfo | Information about the current license. |
| UseInternalSecurityAPI | Tells the component whether or not to use the system security libraries or an internal implementation. |