NTSyslog
About NTSyslog
This program runs as a service under Windows NT based operating systems. It formats all System, Security, and Application events into a single line and sends them to a syslog(3) host.
Get the msi installer at the project's sourceforge download page: http://sourceforge.net/projects/ntsyslog/files/
For more information on configuring NTSyslog, visit the project site on http://ntsyslog.sourceforge.net/
MSI installer package.xml
These install commands do the following:
- Install NTsyslog silently
- Import settings from a registry file
- Delete the Control-Tool Link from Desktop
- Start the NTSyslog service
<packages>
<package id="ntsyslog" name="NTSyslog" revision="1.15" priority="5" reboot="false">
<check type="uninstall" condition="exists" path="NTSyslog"/>
<install cmd='msiexec /i "%SOFTWARE%\ntsyslog\NTSyslog2.msi" /qn' timeout="120"/>
<install cmd='regedit /S "%SOFTWARE%\ntsyslog\settings.reg"' timeout="10"/>
<install cmd='%COMSPEC% /C del /Q "%ALLUSERSPROFILE%\Desktop\NTSyslogCtrl-Tool.lnk"' timeout="10"/>
<install cmd='net start NTSYSLOG' timeout="10"/>
<upgrade cmd='net stop NTSYSLOG' timeout="10">
<exit code="2" /> <!-- Service not running -->
</upgrade>
<upgrade cmd='msiexec /qn /I "%SOFTWARE%\ntsyslog\NTSyslog2.msi"' />
<upgrade cmd='regedit /S "%SOFTWARE%\ntsyslog\ntsyslog.reg"' timeout="10"/>
<upgrade cmd='%COMSPEC% /C del /Q "%ALLUSERSPROFILE%\Desktop\NTSyslogCtrl-Tool.lnk"' timeout="10">
<exit code="any" /> <!-- For an upgrade shortcut may already have been deleted. -->
</upgrade>
<upgrade cmd='net start NTSYSLOG' timeout="10"/>
<remove cmd='msiexec /qn /x{39188B0E-A360-4F55-BA81-6D88BC00686C}' />
</package>
</packages>
Example .reg file for unattended tweaking of NTSyslog setting
See "Registry Settings" on http://ntsyslog.sourceforge.net/ for more information on tweaking your settings.
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\SaberNet] "Syslog"="fqdn.or.ip.of.your.syslog.server" "Syslog1"="fqdn.or.ip.of.your.backup.syslog.server" [HKEY_LOCAL_MACHINE\SOFTWARE\SaberNet\Syslog\System] "Information"=dword:00000001 "Information Priority"=dword:0000001e "Warning"=dword:00000001 "Warning Priority"=dword:0000001c "Error"=dword:00000001 "Error Priority"=dword:0000001b "Audit Success"=dword:00000001 "Audit Success Priority"=dword:0000001d "Audit Failure"=dword:00000001 "Audit Failure Priority"=dword:0000001d [HKEY_LOCAL_MACHINE\SOFTWARE\SaberNet\Syslog\Security] "Information"=dword:00000001 "Information Priority"=dword:00000026 "Warning"=dword:00000001 "Warning Priority"=dword:00000024 "Error"=dword:00000001 "Error Priority"=dword:00000023 "Audit Success"=dword:00000001 "Audit Success Priority"=dword:00000025 "Audit Failure"=dword:00000001 "Audit Failure Priority"=dword:00000025 [HKEY_LOCAL_MACHINE\SOFTWARE\SaberNet\Syslog\Application] "Information"=dword:00000001 "Information Priority"=dword:0000000e "Warning"=dword:00000001 "Warning Priority"=dword:0000000c "Error"=dword:00000001 "Error Priority"=dword:0000000b "Audit Success"=dword:00000001 "Audit Success Priority"=dword:0000000d "Audit Failure"=dword:00000001 "Audit Failure Priority"=dword:0000000d