Skip to main content
Start a Conversation

Unsolved

K

k11no

3 Posts

2428

June 3rd, 2019 02:00

SaveSysinfo - create eventlog file with correct filename variable

We still use WDM 5.7.2 with thin clients with fw ThinOS 8.6. Thin client models: 5010 and 5060.

We have a important need inn our environments. Our company has a great focus on security. My current task is to activate export of the event log from the thin clients, and make the Splunk-agent import them.

 

I need to export the eventlog to a FTP share, which seems to work ok. But, I struggle with the creation of correct filename.

I’ve ended up using these settings in the wnos.ini:

SaveSysinfo=ftp://servername/logging/$TN_$MAC.txt Username=****** Password=****** Append=yes Size=5000

The Reference Guide says I can use these settings:

$TERMNAME_LOG_{DATE}_{TIME}.txt

This won’t work, because the variable $TERMNAME is not known. The same with {DATE} and {TIME}. The output file name is then “$TERMNAME_LOG_{DATE}_{TIME}.txt” (exactly as written).

Searching through the Reference Guide I can find the variable $TN, which outputs the actual terminal name correctly. Problem now is that I can’t find any variables that work with DATE and TIME as part of the file name. I've googled linux variables to test, but haven't found anything useful.


Help?? I would very much like to have the date and time created in the filename, to have 1 logfile created each time a client boots.

With the current setting, I have 1 logfile for each client, which is locked by the thin client all day. With a locked file the Splunk agent can't import it.:-(

 

Anyone?? :-)

speedstep

9 Legend

 • 

47K Posts

June 3rd, 2019 06:00

@k11no wrote:

We still use WDM 5.7.2 with thin clients with fw ThinOS 8.6. Thin client models: 5010 and 5060.

We have a important need inn our environments. Our company has a great focus on security. My current task is to activate export of the event log from the thin clients, and make the Splunk-agent import them.

 

I need to export the eventlog to a FTP share, which seems to work ok. But, I struggle with the creation of correct filename.

I’ve ended up using these settings in the wnos.ini:

SaveSysinfo=ftp://servername/logging/$TN_$MAC.txt Username=****** Password=****** Append=yes Size=5000

The Reference Guide says I can use these settings:

$TERMNAME_LOG_{DATE}_{TIME}.txt

This won’t work, because the variable $TERMNAME is not known. The same with {DATE} and {TIME}. The output file name is then “$TERMNAME_LOG_{DATE}_{TIME}.txt” (exactly as written).

Searching through the Reference Guide I can find the variable $TN, which outputs the actual terminal name correctly. Problem now is that I can’t find any variables that work with DATE and TIME as part of the file name. I've googled linux variables to test, but haven't found anything useful.


Help?? I would very much like to have the date and time created in the filename, to have 1 logfile created each time a client boots.

With the current setting, I have 1 logfile for each client, which is locked by the thin client all day. With a locked file the Splunk agent can't import it.:-(

 

Anyone?? :-)

If this is local I would use

ftp://127.0.0.1/

View More

View All

No Events found!

Top