I have been trying to get NXLog to send Syslog entries from the Teamviewer "Connections_incoming.txt" log file. It is a tab delimited file.
I found this site which supplied the basic code for the task:
which i couldn't get working as expected. To cut a long story short, i have discovered that the $raw_event is often blank, so the Syslog entries do not contain the necessary information. I have tried to google this issue, but i have not been able to find the information to figure this one out. There has been times when $raw_event did contain the information required from the original log file, but it is not reliable. Can someone please give me some suggestions on how to get information into the $raw_event function?
On the positive side, i do get a reliable Syslog entry whenever someone accesses the computer through Teamviewer. Using the code below, i get the message "Teamviewer Login Event"
Below is my current configuration. The if-else statement is designed to be as simple as possible to try fault-find the issue
define ROOT C:\Program Files (x86)\nxlog
File 'c:\Program Files (x86)\TeamViewer\Connections_incoming.txt'
$Hostname = hostname();
$SeverityValue = 5;
$MessageSourceAddress = hostname();
$SyslogFacilityValue = 4;
$SourceName = 'TeamViewer';
$EventTime = parsedate($5 + '-' + $4 + '-' + $3 + ' ' + $6);
$user = $2;
if ($raw_event == '') $Message = $raw_event + "Teamviewer Login Event";
else $Message = $raw_event + '['+ file_name() + ']';
Path in_teamviewer => out_syslog