Unsolved
3 Posts
0
2428
SaveSysinfo - create eventlog file with correct filename variable
We still use WDM 5.7.2 with thin clients with fw ThinOS 8.6. Thin client models: 5010 and 5060.
We have a important need inn our environments. Our company has a great focus on security. My current task is to activate export of the event log from the thin clients, and make the Splunk-agent import them.
I need to export the eventlog to a FTP share, which seems to work ok. But, I struggle with the creation of correct filename.
I’ve ended up using these settings in the wnos.ini:
SaveSysinfo=ftp://servername/logging/$TN_$MAC.txt Username=****** Password=****** Append=yes Size=5000
The Reference Guide says I can use these settings:
$TERMNAME_LOG_{DATE}_{TIME}.txt
This won’t work, because the variable $TERMNAME is not known. The same with {DATE} and {TIME}. The output file name is then “$TERMNAME_LOG_{DATE}_{TIME}.txt” (exactly as written).
Searching through the Reference Guide I can find the variable $TN, which outputs the actual terminal name correctly. Problem now is that I can’t find any variables that work with DATE and TIME as part of the file name. I've googled linux variables to test, but haven't found anything useful.
Help?? I would very much like to have the date and time created in the filename, to have 1 logfile created each time a client boots.
With the current setting, I have 1 logfile for each client, which is locked by the thin client all day. With a locked file the Splunk agent can't import it.:-(
Anyone?? :-)
speedstep
9 Legend
9 Legend
•
47K Posts
1
June 3rd, 2019 06:00
If this is local I would use
ftp://127.0.0.1/