Project Description
This is a free Syslog server for windows.


This is a Syslog server for windows, and a configuration tool, and a simple Query application.
No installer is provided.

The server is a windows service, and can save the captured logs into an MS SQL database, or simply writes it to the local Eventlog. (Better to use MS SQL.) To use MS SQL there must be an SQL server. The service should use integrated windows authentication. The service also logs its own messages into the local Eventlog, and therefore a new logfile will have to be created.

Installation steps:
  • Configuration of the SQL store:
    • Find an appropriate SQL server, or install one for this purpose (MS SQL Express will do.)
    • Create a new Database
    • Create a user account in the windows or rather in the AD for the service.
    • Configure this account to have full controll, (DBOwner) on this new database.
    • Edit the file SysLogDB.sql with a text editor, and set the correct db name.
    • Create DB structure by executing the SysLogDB.sql file.
  • Installation of the service
    • Create the EventLog File by importing Eventlogsrc.reg
    • Check the EventMessageFile key under "{HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Syslog Server\Syslog Server}". It should point to the .NET framework folder, to "EventLogMessages.dll"
    • Copy the binary "SyslogServer.exe" and "SyslogMessage.dll" to a folder on the system, like %ProgramFiles%\SysLogSvr.
    • Create the new Service, either by the SC command line tool, or by importing the "service.reg" file. In case of import, check and correct the key ImagePath under "{HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\SysLogServer}" to point to the copied binary file.
    • Open Services.msc to check and configure the SysLogServer service:
      • Configure the Identity tab to match your service account.
      • Configure Sart type
      • Configure Error Control (my settings is to restart the service always)
    • Import the settings.reg to create an initial configuration.
    • Copy the "SyslogServerConfig.exe" to the same folder as the service binary.
    • Execute the SyslogServerConfig.exe" to configure logging settings, and database connection.
  • Installation of the Query tool
    • The query tool can be installed to any windows in the same domain.
    • The user account who will run this tool should have at lease read access to the SysLogDB.
    • Create a folder of your choice to hold the tool binaries. Most preferably in %ProgramFiles% folder.
    • Copy the binary "SysLogQuery.exe" to this folder
    • Copy the configuration file "SysLogQuery.exe.config" to this folder too
    • Edit the configuration file with a text editor, and correct the connection string to point to your DB.

Last edited Aug 20, 2014 at 3:58 PM by placa, version 4