Relaying messages with SENDLOG.bat


It might be the case that the BMC Defender Server is not the central collection point for messages, and merely participates in a larger management strategy, where various syslog and Trap Receiver agents roll information up to higher levels, filtering and processing this information along the way.

In this case, the SENDLOG.bat file can be used to relay the received message to another syslog server. This program can be configured as a program action, possibly matching a select number of messages based upon severity, facility, host name, time of day, or keyword.

The SENDLOG.bat program takes the specified syslog message and then sends the message to another server. The syslog message is sent with the same severity and facility as the original message. The receiving host will see the message coming from the BMC Defender Server platform.

To configure the SENDLOG.bat action program, add the program with a single argument, which is the destination of the syslog message. This is sufficient to begin relaying syslog messages.

Note

If the system receiving the syslog message is localhost, then the message will immediately trigger a second invocation of the action program. This will cause the de-duplication function of the program to kick in. If you modify the SENDLOG.bat program to prefix the message with the name of the sending host, this can cause problems because each received message is different from the last, and the event log will be flooded with messages, at least temporarily, until the system stabilizes with a duplicate message.

The SENDLOG.bat program makes use of the BMC Defender Server/system/sendlog.exe program, which is a useful command-line utility for sending syslog messages and has brief help built in. This program takes four arguments: the destination host, the message, the optional severity, and the optional facility. (The severity and facility must be represented as numbers.) If no severity or facility is specified, they default to debug and user, respectively.

Execute the sendlog.exe program at a command prompt, with no arguments, to see how the program is used. Also, try using the sendlog.exe program interactively to send syslog messages to the BMC Defender Server. This is a valuable exercise, and illustrates how easily syslog messages can be sent by user-written scripts and other programs.
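The relaying behaviour described above, as an added Python example that is not the code of SENDLOG.bat or sendlog.exe: it forwards a received message with its original severity and facility, defaults to debug and user, and refuses a loopback destination to avoid the re-trigger loop from the Note. The function names, the RFC 3164 `<PRI>` framing, UDP port 514 and IPv4 transport are assumptions, since the page does not state how sendlog.exe puts the message on the wire.

```python
import ipaddress
import socket

DEBUG, USER = 7, 1  # numeric codes for severity "debug" and facility "user"

def build_packet(message, severity=DEBUG, facility=USER):
    """Build a syslog datagram: <PRI>message, with PRI = facility * 8 + severity."""
    if not (0 <= severity <= 7 and 0 <= facility <= 23):
        raise ValueError("severity must be 0-7 and facility 0-23")
    return f"<{facility * 8 + severity}>{message}".encode("utf-8")

def parse_packet(packet):
    """Split a received datagram into (severity, facility, message)."""
    if not packet.startswith(b"<") or b">" not in packet[:5]:
        raise ValueError("missing <PRI> header")
    end = packet.index(b">")
    pri = int(packet[1:end])
    return pri % 8, pri // 8, packet[end + 1:].decode("utf-8", "replace")

def is_loopback(host):
    """True when host resolves to a loopback address, so a relay would feed itself."""
    addrs = {info[4][0].split("%")[0] for info in socket.getaddrinfo(host, None)}
    return any(ipaddress.ip_address(a).is_loopback for a in addrs)

def relay(packet, dest, port=514, allow_loopback=False):
    """Forward a received message to dest, keeping its severity and facility."""
    if is_loopback(dest) and not allow_loopback:
        raise ValueError(f"{dest} is loopback: relaying here re-triggers the action")
    severity, facility, message = parse_packet(packet)
    out = build_packet(message, severity, facility)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.sendto(out, (dest, port))
    return out

if __name__ == "__main__":
    received = b"<34>su: auth failure for root"  # constructed sample (auth.crit)
    # A local listener stands in for the upstream server so the demo runs offline.
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as upstream:
        upstream.bind(("127.0.0.1", 0))
        upstream.settimeout(5)
        relay(received, "127.0.0.1", upstream.getsockname()[1], allow_loopback=True)
        print("upstream received:", upstream.recvfrom(1024)[0])
    try:
        relay(received, "127.0.0.1")  # default guard refuses loopback
    except ValueError as err:
        print("refused:", err)
```
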

 
