Skip to content
A PowerShell Module to send logs to a GELF server like Graylog.
PowerShell
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
Examples
PSGELF
Tests
LICENSE
README.md

README.md

PSGELF

A PowerShell Module to send logs to a GELF server like Graylog.

Description

This repository contains PowerShell functions to send logs to a compatible GELF server like Graylog. I have tested this module on Powershell 4/5 on Windows and lightly tested with Powershell 6 on CentOS 7 and OSX.

Getting Started

You can install this module by copying the PSGELF folder to your PowerShell Modules directory. You can also install from the Powershell Gallery Install-Module -Name PSGELF

Functions

PSGELF Function Description
Send-PSGelfTCP Sends a GELF message via UDP. This function does not accept Pipeline input.
Send-PSGelfUDP Sends a GELF message via TCP. This function does not accept Pipeline input.
Send-PSGelfTCPFromObject This function sends an PSObject via TCP to a server supporting GELF.
Send-PSGelfUDPFromObject This function sends an PSObject via UDP to a server supporting GELF.

Examples

Sending a Short Message:

Send-PSGelfTCP -GelfServer graylog -Port 12202 -ShortMessage "This is a short Message"

Sending a Message with all of the default fields:

        Send-PSGelfUDP -GelfServer "graylog" `
            -Port 12201 `
            -ShortMessage "Short Message" `
            -FullMessage "Full Message" `
            -HostName "dc01" `
            -DateTime $(Get-Date) `
            -Level 5 `
            -Line 255 `
            -File "C:\logs" `
            -AdditionalField @{UniqueID = 1337}

Sending 10 Windows Events:

Get-WinEvent Setup -MaxEvents 10 | Send-PSGelfTCPFromObject -GelfServer graylog -Port 12202

Help

You can use Get-Command -Module PSGELF to get a list of cmdlets in the module. You can use Get-Help command to view the help information for the cmdlet.

TO DO

I may add defaults for the port parameters. I am also going to publish the module to the Powershell Gallery.

You can’t perform that action at this time.