This tutorial will show you how to create your own script and use it to search and replace text within a syslog message.
The scripting action requires the program to be registered. The freeware version will allow you to test the script action, but will not run it in normal operation. To try the full version for 30 days, please request a trial key from: http://www.kiwisyslog.com/trial
Step 1. Create the script action...
Create a new rule called "Replace text"
Add a new Run Script action.
Set the script file name to: ReplaceText.txt
Set the script description to: Replaces occurrences of "cat" with "dog".
Set the script language to VBScript
Set the field read/write permissions to:
Common fields: Read=Yes, Write=Yes
Other fields: Read=No, Write=No
Custom fields: Read=No, Write=No
Press the Edit Script button to open the file in notepad. Since the file doesn't exist, you will be prompted to create a new file.
Copy and paste the following script file into Notepad and then click the File | Save menu on notepad.
Function Main()
' Replace cat with dog within the message text field
Fields.VarCleanMessageText = Replace(Fields.VarCleanMessageText, "cat", "dog")
' Return OK to tell syslog that the script ran correctly.
Main = "OK"
End Function
Step 2. Create the actions...
Add a new Log to file action
Set the file name to "MyCustomLog.txt" in the folder of your choice.
Leave the file format as default.
Click the action and then press F4 to auto name the action "Log to file"
Add a new Display action
Leave the display number as default.
Click the action and then press F4 to auto name the action "Display"
The Run script action should be above the display and log to file actions. If not, you can move it up the list by selecting the action and using the ^ toolbar button.
Your rule should look like this:
Rules
Rule: Replace Text
Filters
Actions
Run Script
Display
Log to file
Step 3. Test the script...
Select the Run Script action.
Click the Test Setup button.
Change the message text to read: The cat sat on the mat.
Click the Show action button
Check the Show test results check box
Press the Test button
Once the script runs, the results will be opened in Notepad. There you will be able to see all the script variables. Check the VarCleanMessageText field and you should see the word "cat" has been changed to "dog".
Step 4. Test the script with SyslogGen.
Apply the new rule changes by clicking OK on the Kiwi Syslog Daemon Setup window. You will then have just the main syslog window showing.
Download SyslogGen from www.kiwisyslog.com
Install it on the same machine as the Syslog Daemon
Set the send options to "send message once"
Set the destination to localhost (127.0.0.1).
Set the message text to be: This is a test. The cat sat on the mat.
Press the Send button
You should now see the message appear on the display "This is a test. The dog sat on the mat."