Announcement

Collapse
No announcement yet.

Coordinating multiple machines to send logs to central system

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    Coordinating multiple machines to send logs to central system

    I apologise in advance, if this is a silly question...

    I have an environment which has multiple machines that I need information (logs) from due the the SOx legislation.

    Is it possible to use one machine to "harvest" the logs from multiple, selectable machines, so that I can dump them into a SQL database?

    Will the logs contain some sort of differentiating notation so that I will know that they are from specific machines?

    I am running Hyena 6.2
    Tags: None
  • #2
    Re: Coordinating multiple machines to send logs to central system

    Using the Exporter Pro utility in Hyena, you can use the WMI Event Log export. This creates a delimited text file on the computer you are running it on, and pulls the data from the computers you select.

    You could then take that delimited text file and import that into SQL.

    Comment

    • #3
      Re: Coordinating multiple machines to send logs to central system

      So I am in Exporter Pro and I am not able to get my mind around getting this process started.

      I started Exporter Pro - went configuration -> new export configuration.

      Name: SOx Test
      File name: SOxtest.ini
      Object file name: SOxTest.dat

      Selected "local computer

      Went Configuration -> Export Properties

      Selected WMI ->Export Properties.

      Under WMI I deselected all but Event Log and selected Properties

      The output file name is WMI_Process.txt

      After I run the process I get no results.

      Comment

      • #4
        Re: Coordinating multiple machines to send logs to central system

        It sounds like you are on the right track, except the file is called WMI_events.txt. You might want to put a c:\ in front of it to make it easier to find.

        Comment

        • #5
          Re: Coordinating multiple machines to send logs to central system

          The file c:\prorgam files\hyena\WMI_Events has "__CLASS __PATH __SERVER __SUPERCLASS Category CategoryString ComputerName Data EventCode EventIdentifier EventType InsertionStrings Logfile Message RecordNumber SourceName TimeGenerated TimeWritten Type User"

          but no events. What am I missing?

          Comment

          • #6
            Re: Coordinating multiple machines to send logs to central system

            Try this:

            Select a computer in Hyena that you know should be WMI enabled, then go to Tools->Exporter Pro->Export Selected Objects. Choose the configuration you created, or click the Settings button and enable the WMI Event Log export. Click the Start Export button, and let us know if you get any errors in Exporter Pro's right window.

            If not, let us know what the output file contains.

            Comment

            • #7
              Re: Coordinating multiple machines to send logs to central system

              I have liftoff. I was able to export the 3 items I selected in WMI.

              I am checking the output files now...

              Thanks for your help!

              Comment

              Previous template Next
              Working...
              X
              😀
              🥰
              🤢
              😎
              😡
              👍
              👎