[Beta] Push user logs to Syslog server

I'm not very experienced with syslog, but this device driver works for me. feedback is appreciated.



So, you're using a localhost connection to the websocket within hubitat to get the logs? Why not simply connect to the websocket from the system you are dumping the logs to? That seems like it would be a lot less hassle and trouble to me. This is like faxing yourself a copy something you just noted down. Yeah, it works. But could you have just kept the note?

That would require more software. If you just have a syslog server running somewhere you can use this driver to send your logs to it. Otherwise you'd have to setup a nodejs server or something else to pull the logs from the hub and then send it to the syslog server (3 servers) instead of the syslog server and the hubitat hub (2 servers)

Thanks for this. I like that its formatted correctly for syslogging.

1 Like

Thanks for the kind words. @Evilborg, thanks for noticing the formatting. :smile: It was really important to me that it matched up to spec too.

@johnwick, I tried -- with mixed success -- using the websocket plugin for Logstash. It was okay, but I have quite a bit already invested with syslog servers (since nearly all my infrastructure "speaks" it in some form or fashion). And even though I do use logstash and the "beats" quite a lot, configure the websocket plugin for all the odd devices on my HE got to be overwhelming. As @User12Hubitat mentioned, my logstash instance became the 3rd server.

When @User12Hubitat gave me a headstart (!) with UDP -- and though I do like nodejs, I was glad to not have to stand that up -- I sort of ran with it.


I'm getting a 404 when I try to pull up the link to the code. Has the code base moved to another repo?

Definitely looking to try out the syslog function! Excellent work based on what I've read in this and another thread.



Thank you, that link works!

1 Like

Thank you @staylorx , @User12Hubitat! I was looking for a good way to set led lights off a raspberry pi to show status of my garage doors. Just something sitting in the kitchen and without having to open the Hubitat app etc.

Syslog to raspberry pi -> parse message -> set led (green or red)

Thank you again and happy new year!

I'm really glad it was useful. Thanks for letting me know what you did with it. Fun!

@staylorx Hi, I just set this up using my Synology NAS. I didn't realize that Synology had a syslog server built in which was a pleasant surprise. Nothing fancy but seems to work for tracking my HA devices.

I could not get it to work with UDP on default port - I will have to play around with that more. But I did try running it with TCP and randomly selected a port.

I am getting a lot of the Read timed out messages. I see some posts in another thread about this, and some back and forth but it didn't look like there was a resolution?

Also my Synology is not capturing the host name, even though I specified "Hubitat" in the device field. Instead it is showing the IP address. This is not a big deal.

Thanks for putting this out there - this is exactly what the doctor ordered when trying to trace issues back over time - as I have been doing right now.

If you can edit the hosts file with the hub name and IP it wont do this anymore....

Thanks - managed to get to hosts on my Synology and update it. Works nicely.

1 Like

@staylorx Are you still using HE and using this?

Anyone else seen issues with the "priority" field? Using the default driver and sending to Splunk, this is what a message looks like:

Jul 22 13:30:42 1 2022-07-22T13:30:45.573-04:00 he_logs Hubitat - - [sd_id_1@32473 device_name="ADC Security Panel" device_id="688"] QolSys IQ Alarm Panel: Status is receive error: Read timed out

Note that Splunk isn't picking up the time stamp from the log entry properly. This is kind of a big deal since the logs will end up out of order which could really jack up trouble-shooting. Also, the "priority" field is just coming across as the number "1" (between the two time stamps).

I've forked this out (for the third time) and edited the priority portion to just send the log level in plain text as HE sees it. Much cleaner to me. The fork can be found here. Here's what the logs looks like after:

trace 2022-07-22T13:41:11.956-04:00 he_logs Hubitat - - [sd_id_1@32473 device_name="ADC Security Panel" device_id="688"] QolSys IQ Alarm Panel: processZoneActive

I'm trying to send these logs to my Synology log center. Do you know if they're being sent in BSD or IETF format?

It's closer to IETF


This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.