Submit a ticketCall us

Get a crash course on Network Monitoring delivered right to your inbox
This free 7-day email course provides a primer to the philosophy, theory, and fundamental concepts involved in IT monitoring. Lessons will explain not only how to perform various monitoring tasks, but why and when you should use them. Sign up now.

Home > Success Center > Kiwi Syslog Server > Kiwi Syslog Server Administrator Guide > Scripting resources > Script functions

Script functions

When you are writing scripts for use with Kiwi Syslog Server, number of built in functions are available from the Fields object. To use a built in function, simply access the function name prefixed with the Fields object. Pass any parameters needed and the result is returned.

Built-in functions of the "Fields" object

Fields.IsValidIPAddress(IPAddress as string) as Boolean

Function: Checks the string passed to it and returns true if the string has a valid IP address format. Input parameters: IPAddress as string

Return value: Boolean (true/false)

Example usage:

If Fields.IsValidIPAddress(Fields.VarPeerAddress) = True then

Fields.VarCustom01 = Fields.VarPeerAddress

End if

Fields.ConvertIPtoHex(IPAddress As String) As String

Function: Converts an IP address to 8 byte hex format.

Input parameters: IPAddress as string

Return value: 8 byte hex value

Example usage:

If Fields.IsValidIPAddres(Fields.VarPeerAddress) = True then

Fields.VarCustom01 = Fields.ConvertIPToHex(Fields.VarPeerAddress)

End if

Fields.GetDailyStatistics() As String

Function: Returns the daily statistics page as a CRLF delimited string.

Input parameters: None

Return value: String

Example usage:

MyStats = Fields.GetDailyStatistics()

The resulting string can then be written to a file or e-mailed etc.

Fields.ConvertPriorityToText(PriorityValue)

Function: Converts a message priority value to a text representation of the facility level.

Input parameters: Priority value

Range: 0 to 191

Return value: Facility.Level as text string

Example: A value of 191 returns "Local7.Debug"

Example usage:

Filename = "C:\Programfiles\Syslogd\Logs\TestLog.txt"

' Use the date and time from the current message

With Fields

MsgDate = .VarDate & " " & .VarTime

MsgText = "This is a test message from the scripting action"

Data = MsgDate & vbtab & .ConvertPriorityToText(.VarPriority) & vbtab & _

.VarPeerAddress & vbtab & MsgText Call .ActionLogToFile(Filename, Data)

End with

Fields.ActionPlaySound(SoundFilename As String, RepeatCount as Long)

Function: Plays a beep or specified wav file. Can be repeated for x times or until cancelled. Input parameters: SoundFilename as string, RepeatCount as long

Return value: None

Specifying a empty string ("") for SoundFilename will result in the system beep sound.

RepeatCount options:

0 = repeat until cancelled (Cancel by pressing flashing bell on main display window)

1 to 100 = repeat specified number if times, or until cancelled manually

When the repeat count is greater than 1, the wav file or beep sound will be played at 5 second intervals.

Example usage:

' Play the squeak sound 5 times

Call Fields.ActionPlaySound("C:\Program Files\Syslogd\Sounds\Squeak.wav", 5)

' Play the squeak sound until cancelled

Call Fields.ActionPlaySound("C:\Program Files\Syslogd\Sounds\Squeak.wav", 0)

' Play the system beep sound 10 times

Call Fields.ActionPlaySound("", 10)

' Play the system beep sound until cancelled

Call Fields.ActionPlaySound("", 0)

Fields.ActionSendEmail(MailTo, MailFrom, MailSubject, MailMessage , [MailImportance] , [MailPriority] , [MailSensitivity] )

Function: Sends an e-mail to the addresses specified

Return value: None

Importance, Priority and Sensitivity E-mail Delivery Option parameters are optional.

E-mail Delivery Options

These parameters allow for the importance, priority and sensitivity flags of the e-mail message to be specified.

The e-mail recipients will recieve the messages with the various importance/priority/sensitivity levels set accordingly.

MailImportance:

0 - Unspecified (Default)

1 - High

2 - Normal

3 - Low

MailPriority:

0 - Unspecified (Default)

1 - Normal

2 - Urgent

3 - Non-Urgent

MailSensitivity:

0 - Unspecified (Default)

1 - Personal

2 - Private

3 - Confidential

To send the message to multiple addresses, separate each address with a comma.

E.g.:

MailTo = "user1@company.com,user2@company.com,user3@company.com"

Example usage: Send e-mail to joe@company.com, use default importance, priority and sensitivity

MailTo = "joe@company.com"

MailFrom = "server@company.com"

MailSubject = "This is a test of the scripting action"

MailMessage = "This is a test mail message" & vbCrLf & "Multiple lines."

Call Fields.ActionSendEmail(MailTo, MailFrom, MailSubject, MailMessage)

Example usage: Send e-mail to joe@company.com, High importance, Urgent priority, Confidential sensitivity

MailTo = "joe@company.com"

MailFrom = "server@company.com"

MailSubject = "This is a test of the scripting action"

MailMessage = "This is a test mail message" & vbCrLf & "Multiple lines." MailImportance = 1

MailPriority = 2

MailSensitivity = 3

Call Fields.ActionSendEmail(MailTo, MailFrom, MailSubject, MailMessage, MailImportance, MailPriority, MailSensitivity)

Fields.ActionLogToFile(Filename, Data, [RotateLogFile] , [RotationType] , [NumLogFiles] , [Amount] , [Unit])

Function: Opens the specified log file and appends the Data to the end of the file.

Return value: None

This function can be used to log messages to file in your own format.

AutoSplit syntax values can be used in the filename if you want.

To have the filename contain the current hour of the day, use %TimeHH

Example: Filename = "C:\Program files\Syslogd\Logs\TestLog%TimeHH.txt"

Example usage:

Filename = "C:\Program files\Syslogd\Logs\TestLog.txt" MsgPriority = "Local7.Info"

MsgHostAddress = Fields.VarPeerAddress

' Use the date and time from the current message MsgDate = Fields.VarDate & " " & Fields.VarTime

MsgText = "This is a test message from the scripting action"

Data = MsgDate & vbtab & MsgPriority & vbtab & MsgHostAddress & vbtab & MsgText

Call Fields.ActionLogToFile(Filename, Data)

Note: this example requires that Read permission be enabled for "Other fields". This gives the script read access to the VarDate and VarTime variables.

Log File Rotation:

For more information on Log File Rotation in Kiwi Syslog Server, please see Log File Rotation.

The parameters RotateLogFile, RotationType, NumLogFiles, Amount and Unit are all optional and only need to be specified if logging to a rotated log file.

RotateLogFile:

0 = Do not rotate log file

1 = Rotate log file

RotationType:

0 = Rotate log files when log file size exceeds the amount specified by Amount and Unit

1 = Rotate log files when log file age exceeds the amount specified by Amount and Unit

NumLogFiles: The number of log files to be used in the rotation.

Amount:

For RotationType=0 : Amount is a file size.

For RotationType=1 : Amount is a file age.

Unit For RotationType=0 : Unit relates to the size of the file and specifies whether the Amount is Bytes, KB, MB, etc.

0 = Bytes

1 = Kilobytes

2 = Megabytes

3 = Gigabytes

For RotationType=1: Unit relates to the age of the file and specifies whether the Amount is Minutes, Days, Weeks, etc.

0 = Minutes

1 = Hours

2 = Days

3 = Weekdays

4 = Weeks

5 = Months

6 = Quarters

7= Years

Example Usage:

Filename = "C:\Program files\Syslogd\Logs\TestLog.txt" MsgPriority = "Local7.Info"

MsgHostAddress = Fields.VarPeerAddress

' Use the date and time from the current message MsgDate = Fields.VarDate & " " & Fields.VarTime

MsgText = "This is a test message from the scripting action"

Data = MsgDate & vbtab & MsgPriority & vbtab & MsgHostAddress & vbtab & MsgText

RotateLogFile = 1 'Rotate this log

RotationType = 0 'Using File size rotation -

NumLogFiles = 4 'Use up to 4 log files

Amount = 1000 'Each log file no more than 1000

Unit = 0 'bytes in length

Call Fields.ActionLogToFile(Filename, Data, RotateLogFile, RotationType, NumLogFiles, Amount, Unit)

Example Usage (2):

Filename = "C:\Program files\Syslogd\Logs\TestLog.txt" MsgPriority = "Local7.Info"

MsgHostAddress = Fields.VarPeerAddress

' Use the date and time from the current message MsgDate = Fields.VarDate & " " & Fields.VarTime

MsgText = "This is a test message from the scripting action"

Data = MsgDate & vbtab & MsgPriority & vbtab & MsgHostAddress & vbtab & MsgText

RotateLogFile = 1 'Rotate this log

RotationType = 1 'Using File age rotation -

NumLogFiles = 12 'Use up to 12 log files

Amount = 1 'Each log file no more than 1

Unit = 5 'month old

Call Fields.ActionLogToFile(Filename, Data, RotateLogFile, RotationType, NumLogFiles, Amount, Unit)

Fields.ActionSendSyslog(Hostname, Message, Port, Protocol)

Function: Sends a syslog Message to Hostname on Port via Protocol.

Return value: None

Hostname: Text string containing the hostname or IP address of the remote host.

Message: Text string containing the priority tag and syslog message text

Port: Integer between 1 and 65535 (514 is the standard syslog port)

Protocol: Integer between 0 and 1 (0=UDP, 1=TCP)

This function can be used to send syslog messages to another syslog host via the UDP or TCP protocol.

Example usage:

Hostname = "10.0.0.1" ' Remote syslog host

Priority = 191 ' Local7.Debug

Port = 514 0 ' Use the standard syslog port

Protocol = ' 0=UDP, 1=TCP

' Construct the syslog message by adding <pri> value to the front of the text Message = "<" + Cstr(Priority) + ">" + "This is an example of a syslog message"</pri>

Call Fields.ActionSendSyslog(Hostname, Message, Port, Protocol)

Fields.ActionSpoofSyslog(AdapterAddress, SrcAddress, DstAddress, DstPort, Message)

Function: Sends a spoofed Syslog Message (UDP only) to DstAddress on Port DstPort. Return value: None

AdapterAddress: Text string containing the IP or MAC address of the network adapter that the message will be sent from.

(Can be an IP Addres:- ie "192.168.0.1", or MAC address:- ie. "00:50:56:C0:00:08")

SrcAddress: Text string containing the hostname or IP address of the source of the message (actual or spoofed)

DstAddress: Text string containing the hostname or IP address of the remote (receiving) host.

DstPort: Integer between 1 and 65535 (514 is the standard syslog port)

Message: Text string containing the priority tag and syslog message text

This function can be used to send syslog messages to another syslog host via the UDP protocol.

Example usage:

AdapterAddress = "192.168.1.100" ' Adapter Address (Can be IP Address- ie "192.168.0.1", or MAC address - ie. "00:50:56:C0:00:08")

SrcAddress = "192.10.10.1" ' Source of message

DstAddress = "10.0.0.1" ' Destination of message

DstPort = 514 ' Use the standard syslog port

Priority = 191 ' Local7.Debug

' Construct the syslog message by adding <pri> value to the front of the text Message = "<" + Cstr(Priority) + ">" + "This is an example of a syslog message"</pri>

Call Fields.ActionSpoofSyslog(AdapterAddress, SrcAddress, DstAddress, DstPort, Message)

Important Note:

This option also requires that WinPcap version 4.1 and above is installed. WinPcap (Windows Packet Capture library) is available for download from: WinPcap, The Packet Capture and Network Monitoring Library for Windows

Fields.ActionLogToFileWithCache(Filename, Data, [RotateLogFile] , [RotationType] , [NumLogFiles] , [Amount] , [Unit])

Function: Writes data to the specified log file. This function uses a write cache to improve performance. The cache is flushed every 100 messages or 5 seconds, which ever comes first. The cache settings can be adjusted via registry settings. This function is exactly the same as ActionLogToFile, except that it uses a write cache. We recommend the use of the write caching function when you are receiving more than 10 messages per second. Return value: None

This function can be used to log messages to file in your own format.

AutoSplit syntax values can be used in the filename if you want.

To have the filename contain the current hour of the day, use %TimeHH

Example: Filename = "C:\Program files\Syslogd\Logs\TestLog%TimeHH.txt"

Example usage:

Filename = "C:\Program files\Syslogd\Logs\TestLog.txt" MsgPriority = "Local7.Info"

MsgHostAddress = Fields.VarPeerAddress

' Use the date and time from the current message MsgDate = Fields.VarDate & " " & Fields.VarTime

MsgText = "This is a test message from the scripting action"

Data = MsgDate & vbtab & MsgPriority & vbtab & MsgHostAddress & vbtab & MsgText

Call Fields.ActionLogToFileWithCache(Filename, Data)

Note: this example requires that Read permission be enabled for "Other fields". This gives the script read access to the VarDate and VarTime variables.

Log File Rotation:

The parameters RotateLogFile, RotationType, NumLogFiles, Amount and Unit are all optional and only need to be specified if logging to a rotated log file.

RotateLogFile:

0 = Do not rotate log file

1 = Rotate log file

RotationType:

0 = Rotate log files when log file size exceeds the amount specified by Amount and Unit

1 = Rotate log files when log file age exceeds the amount specified by Amount and Unit

NumLogFiles: The number of log files to be used in the rotation.

Amount:

For RotationType=0 : Amount is a file size.

For RotationType=1 : Amount is a file age.

Unit For RotationType=0 : Unit relates to the size of the file and specifies whether the Amount is Bytes, KB, MB, etc.

0 = Bytes

1 = Kilobytes

2 = Megabytes

3 = Gigabytes

For RotationType=1: Unit relates to the age of the file and specifies whether the Amount is Minutes, Days, Weeks, etc.

0 = Minutes

1 = Hours

2 = Days

3 = Weekdays

4 = Weeks

5 = Months

6 = Quarters

7= Years

Example Usage:

Filename = "C:\Program files\Syslogd\Logs\TestLog.txt" MsgPriority = "Local7.Info"

MsgHostAddress = Fields.VarPeerAddress

' Use the date and time from the current message MsgDate = Fields.VarDate & " " & Fields.VarTime

MsgText = "This is a test message from the scripting action"

Data = MsgDate & vbtab & MsgPriority & vbtab & MsgHostAddress & vbtab & MsgText

RotateLogFile = 1 'Rotate this log

RotationType = 0 'Using File size rotation -

NumLogFiles = 4 'Use up to 4 log files

Amount = 1000 'Each log file no more than 1000

Unit = 0 'bytes in length

Call Fields.ActionLogToFileWithCache(Filename, Data, RotateLogFile, RotationType, NumLogFiles, Amount, Unit)

Example Usage (2):

Filename = "C:\Program files\Syslogd\Logs\TestLog.txt" MsgPriority = "Local7.Info"

MsgHostAddress = Fields.VarPeerAddress

' Use the date and time from the current message MsgDate = Fields.VarDate & " " & Fields.VarTime

MsgText = "This is a test message from the scripting action"

Data = MsgDate & vbtab & MsgPriority & vbtab & MsgHostAddress & vbtab & MsgText

RotateLogFile = 1 'Rotate this log

RotationType = 1 'Using File age rotation -

NumLogFiles = 12 'Use up to 12 log files

Amount = 1 'Each log file no more than 1

Unit = 5 'month old

Call Fields.ActionLogToFileWithCache(Filename, Data, RotateLogFile, RotationType, NumLogFiles, Amount, Unit)

Fields.ActionDeleteFile(Filename)

Function: Attempts to delete the specified file.

Return value: None

This function can be used to delete a log file to ensure a fresh start.

This function does not support wildcards, a specific file name must be specified. No confirmation is required, so be careful when using this function.

Example usage:

Filename = "C:\Program files\Syslogd\Logs\TestLog.txt"

Call Fields.ActionDeleteFile(Filename)

Fields.ActionDisplay(DisplayNumber, TabDelimitedMessage)

Function: Displays a message to the specified virtual display number.

Return value: None

This function can be used to display messages on the screen in your own format.

The TabDelimitedMessage must contain 5 tab delimited fields. The contents of each field can be anything you like. The normal display fields are: Date TAB Time TAB Priority TAB Hostname TAB Message.

Example usage:

With Fields

MsgPriority = ConvertPriorityToText(.VarPriority)

MsgHostAddress = .VarPeerAddress

' Use the date and time from the current message MsgDate = .VarDate & " " & .VarTime

MsgText = "This is a test message from the scripting action"

Display = MsgDate & vbtab & MsgTime & vbtab & MsgPriority & vbtab &_

MsgHostAddress & vbtab & MsgText

Call .ActionDisplay(0, Display)

End with

Fields.ActionLogToODBC(DSNString, TableName, InsertStatement, Timeout)

Function: Passes the InsertStatement to the database specified by DSNString and TableName. The timeout specifies how many seconds to keep the database connection open when idle.

Return value: For success, an empty string is returned. Otherwise the error is passed back as a string value.

This function can be used to log messages to a database in your own format. The connection to the database is held open internally to the program. This avoids the overhead of creating and breaking the connection each time data is sent. If no further data is sent to the database, once the timeout period has elapsed, the connection will be closed. The next time data needs to be sent, the connection will be reopened.

Example usage:

In the case of this example, a System DSN called "KiwiSyslog" has been created and points to a MS Access database. The SQL insert statement syntax changes slightly depending on the database type being written to. The example here has only been tested on MS Access 97 and 2000.

This example assumes that a table called "Syslogd" has already been created and contains all the required fields.

MyDSN = "DSN=KiwiSyslog;"

MyTable = "Syslogd"

MyFields = "MsgDate,MsgTime,MsgPriority,MsgHostname,MsgText"

' MS Access DB SQL INSERT command example:

' INSERT INTO Syslogd (MsgDate,MsgTime,MsgPriority,MsgHostname,MsgText)

' VALUES ('2004-08-08','13:26:26','Local7.Debug','host.company.com',

' 'This is a test message from Kiwi Syslog Server')

With Fields

' Construct the insert statement

SQLcmd = "INSERT INTO " & MyTable & " (" & MyFields & ") VALUES (" & _

Quote(.VarDate) & "," & Quote(.VarTime) & "," & _

Quote(.ConvertPriorityToText(.VarPriority)) & "," & _

Quote(.VarPeerAddress) & "," & Quote(.VarCleanMessageText) & ")"

' Log the data to database using DSN, Table, SQLcmd and Timeout of 30 seconds

.VarCustom01 = .ActionLogToODBC(MyDSN, MyTable, SQLcmd, 30)

' VarCustom01 now holds the return value from the function.

End with

Function Quote(Data)

' Replace all occurrences of ' with '' to escape existing quotes

' Wrap data with single quotes

Quote = "'" & Replace(Data, "'", "''") & "'"

End Function

Note:

  • This example requires that Read permission is enabled for "Other fields". This gives the script read access to the .VarDate and .VarTime variables.
  • There are more example scripts installed in the \Scripts sub folder.
Last modified
17:20, 23 Mar 2017

Tags

Classifications

Public