Jon00 Syslog Utility / UDP & TCP monitor

    Note: Windows Only

    This unmanaged plugin allows you to do several things relating to Syslog messages.

    a) Convert the HomeSeer Log to Syslog format for recording on a remote Syslog Server.
    b) Monitor Syslog messages from Routers, Wi-Fi Access Points, servers etc. and trigger Homeseer events based on search criteria.
    c) Relay Syslog messages to other ports and transport streams.

    Virtual devices are created which can be used to Trigger events and see the last Syslog message that arrived which met the trigger condition. Setup is quite flexible with several options including support for both UDP and TCP. Multiple trigger options are available including severity, facility, string and Regex match.

    [Image: Syslog.png]

    There are options to format the HS3 Syslog Message depending on your preference.

    Whilst not originally designed to do so, the plugin can be used to monitor both UDP and TCP transmissions and trigger on messages sent as a string. Whilst Syslog messages should be sent using UTF-8, I have included a method to change encodings as necessary.

    The screen grab below shows the HomeSeer log converted to syslog messages and recorded on Syslog Watcher which I have been using due to ease of use and feature set.

    [Image: SLW.png]

    As always, this utility is available to download from my site (click on my banner below).

    Any issues, please let me know.
    Jon


    #2
    There have been several downloads for this. Any comments?
    Jon


      #3
      Can you elaborate why this is for windows only?


        #4
        Only that I only write stuff for myself but allow others to download it if they wish. I run HS3 on Windows and have no desire to spend time trying to get it to work on different platforms.
        Jon


          #5
          Use it to send logs from hs3 windows machine (minimal install with 1-2 plugins) to my main linux install. I receive the log with the ultralog plugin on linux.

          works great!!


            #6
            Anyone have a config example to read Syslog from a router w/ triggers for specific MAC address / IP address making a DHCP request (coming on the network).

            jon00 ... any help is appreciated. Looks like this is what I need for near real-time detection if the phones come onto the network?

            thx!


              #7
              jon00 no help?


                #8
                I'm not sure what help you want. Does your router have the capability to send syslog messages? If so, have you enabled this? Do you know if the syslog messages contain the data you need?

                If your syslog is being sent correctly from your router, you should be able to monitor it using a free syslog server such as http://maxbelkov.github.io/visualsyslog/

                If you see it there, you can enable my plugin to read the syslog and trigger on specific messages.


                Jon


                  #9
                  Here testing on a Windows 7 Pro Virtual box running Homeseer 3.

                  Following instructions provided by Jon...configured the INI file to get to a micro router running OpenWRT.

                  OpenWRT configuration. Note routers and WAPs typically have similar settings.


                  [Image: syslog0.jpg]

                  Jon00 configuration INI file. Changed it to port 514 UDP. typo.

                  [Image: syslog1.jpg]

                  HS3 GUI

                  [Image: syslog2.jpg]

                  DD-OpenWRT logs show it connected to HS3 VB.

                  Sun Oct 20 14:56:24 2019 daemon.info logread[24314]: Logread connected to 192.168.244.170:514


                  Homeseer logs ...

                  Oct-20 3:00:15 PM Jon00_SysLog Connected to Homeseer
                  Oct-20 3:00:15 PM Jon00_SysLog Version 1.0.0
                  Oct-20 3:00:15 PM Jon00_Syslog ++++++++++
                  Oct-20 3:00:15 PM Jon00_SysLog Virtual device created for Address Jon00-SL-00 with Reference: 30
                  Oct-20 3:00:15 PM Jon00_Syslog UDP SysLog Server started on port 514 (listening for traffic from 192.168.255.182)
                  Oct-20 3:00:15 PM Jon00_Syslog ++++++++++
                  - Pete

                  Auto mator
                  Homeseer 3 Pro - 3.0.0.548 (Linux) - Ubuntu 18.04/W7e 64 bit Intel Haswell CPU 16Gb- Mono 6.12.X
                  Homeseer Zee2 (Lite) - 3.0.0.548 (Linux) - Ubuntu 18.04/W7e - CherryTrail x5-Z8350 BeeLink 4Gb BT3 Pro - Mono 6.12.X
                  HS4 Pro - V4.1.7.0 - Ubuntu 18.04/VB W7e 64 bit Intel Kaby Lake CPU - 32Gb - Mono 6.12.x
                  HS4 Lite -

                  X10, UPB, Zigbee, ZWave and Wifi MQTT automation. OmniPro 2, Russound zoned audio, Smartthings hub, Hubitat Hub, and Home Assistant


                    #10
                    jon00
                    Pete

                    Sorry if my question was not clear... my syslog is being sent & seen properly.

                    My question :: How would you do the config file triggers for...

                    a) DHCPDISCOVER for MAC address.
                    b) ASSOC for MAC address.


                    thx!


                      #11
                      Would you please post your actual syslog messages for both.
                      Jon


                        #12
                        Originally posted by jon00:
                        Would you please post your actual syslog messages for both.
                        from Visual Syslog Server...

                        Oct 20 18:43:11 192.168.2.1 kern info WLCEVENTD eth1: Assoc DC:EF:CA:AA:AA:AA
                        Oct 20 18:43:11 192.168.2.1 kern info WLCEVENTD eth2: Disassoc DC:EF:CA:AA:AA:AA
                        Oct 20 18:43:11 192.168.2.1 daemon info dnsmasq-dhcp[22155] DHCPDISCOVER(br0) dc:ef:ca:aa:aa:aa


                          #13
                          Hopefully, it would be as simple as this:
                          Code:
                          [Trigger1]
                          HostIP=
                          FacilityNo=
                          SeverityNo=
                          Message=" Assoc DC:EF:CA:AA:AA:AA"
                          ReTriggerPeriod=
                          EventTrigger=Assoc_event_name
                          ScriptTrigger=
                          HSLogTriggerText=
                          LogTriggers=1
                          LogDirectory=
                          
                          [Trigger2]
                          HostIP=
                          FacilityNo=
                          SeverityNo=
                          Message="DHCPDISCOVER(br0) dc:ef:ca:aa:aa:aa"
                          ReTriggerPeriod=
                          EventTrigger=DHCPDiscover_event_name
                          ScriptTrigger=
                          HSLogTriggerText=
                          LogTriggers=1
                          LogDirectory=
                          Jon

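The matching discussed in posts #12 and #13, as an added example that is not part of the thread or of the Jon00 plugin: it parses the three Visual Syslog Server lines from post #12 and reports association, disassociation and DHCP discover events for a watched MAC address regardless of letter case or interface name. The function names, the line-layout regex and the reading of `HostIP` as a sender filter are assumptions of this example.

```python
import re

# Lines as posted in #12 (Visual Syslog Server display layout, not raw wire format).
SAMPLE_LINES = [
    "Oct 20 18:43:11 192.168.2.1 kern info WLCEVENTD eth1: Assoc DC:EF:CA:AA:AA:AA",
    "Oct 20 18:43:11 192.168.2.1 kern info WLCEVENTD eth2: Disassoc DC:EF:CA:AA:AA:AA",
    "Oct 20 18:43:11 192.168.2.1 daemon info dnsmasq-dhcp[22155] DHCPDISCOVER(br0) dc:ef:ca:aa:aa:aa",
]

# Assumed layout: timestamp, sender IP, facility, severity, free-text message.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\d{1,3}(?:\.\d{1,3}){3}) "
    r"(?P<facility>\w+) (?P<severity>\w+) (?P<msg>.*)$"
)
MAC = r"(?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2})\b"
# \b stops "assoc" from matching inside "Disassoc" when case is ignored;
# the leading space in the post #13 Message value has the same effect.
EVENTS = {
    "assoc": re.compile(r"\bassoc " + MAC, re.I),
    "disassoc": re.compile(r"\bdisassoc " + MAC, re.I),
    "dhcpdiscover": re.compile(r"\bdhcpdiscover\([^)]+\) " + MAC, re.I),
}


def classify(line, watched, host=None):
    """Return (event, mac, sender_ip) for a watched MAC, else None.

    host, if given, limits matches to one sender (assumed role of HostIP).
    """
    m = LINE_RE.match(line)
    if not m or (host and m["host"] != host):
        return None
    for event, rx in EVENTS.items():
        hit = rx.search(m["msg"])
        if hit and hit["mac"].lower() in watched:
            return event, hit["mac"].lower(), m["host"]
    return None


def scan(lines, watched_macs, host=None):
    """Normalise the watch list once, then classify every line."""
    watched = {w.lower().replace("-", ":") for w in watched_macs}
    return [r for r in (classify(l, watched, host) for l in lines) if r]


if __name__ == "__main__":
    for event, mac, sender in scan(SAMPLE_LINES, ["DC-EF-CA-AA-AA-AA"]):
        print(f"{sender}: {event} {mac}")
```
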


                            #14
                            jon00 thx. I put those in and restarted HS3 (tried restarting the plugin a few times beforehand)... it's not building the devices?

                            Comment


                              #15
                              Basic questions:

                              1) Have you set up the settings under [SysLogServer1]?
                              2) Is the plugin running? There should be an orange circle icon in your Windows sys tray.

                              The plugin needs to be started/restarted after the settings are changed.
                              Jon
