A PowerShell Module to send logs to a GELF server like Graylog.
This repository contains PowerShell functions to send logs to a GELF-compatible server like Graylog. I have tested this module on PowerShell 4/5 on Windows and lightly tested with PowerShell 6 on CentOS 7 and OSX.
You can install this module by copying the PSGELF folder to your PowerShell Modules directory. You can also install from the PowerShell Gallery:
```powershell
Install-Module -Name PSGELF
```
PSGELF Function | Description |
---|---|
Send-PSGelfTCP | Sends a GELF message via TCP. This function does not accept pipeline input. |
Send-PSGelfUDP | Sends a GELF message via UDP. This function does not accept pipeline input. |
Send-PSGelfTCPFromObject | This function sends a PSObject via TCP to a server supporting GELF. |
Send-PSGelfUDPFromObject | This function sends a PSObject via UDP to a server supporting GELF. |
Sending a Short Message:
```powershell
Send-PSGelfTCP -GelfServer graylog -Port 12202 -ShortMessage "This is a short Message"
```
Sending a Message with all of the default fields:
```powershell
Send-PSGelfUDP -GelfServer "graylog" `
    -Port 12201 `
    -ShortMessage "Short Message" `
    -FullMessage "Full Message" `
    -HostName "dc01" `
    -DateTime $(Get-Date) `
    -Level 5 `
    -Line 255 `
    -File "C:\logs" `
    -AdditionalField @{UniqueID = 1337}
```
Sending 10 Windows Events:
```powershell
Get-WinEvent Setup -MaxEvents 10 | Send-PSGelfTCPFromObject -GelfServer graylog -Port 12202
```
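What a GELF message like the ones above looks like on the wire, as an added example that is not PSGELF's own code: it builds a GELF 1.1 payload by hand and sends it over TCP with the null-byte terminator. `ConvertTo-GelfJson` and `Send-GelfTcpRaw` are hypothetical names, and the mapping of parameters to GELF fields follows the GELF 1.1 specification, not the module's source; the server name and port are the sample values used above.

```powershell
# Added example: hypothetical helpers, not part of the PSGELF module.
function ConvertTo-GelfJson {
    param(
        [Parameter(Mandatory)][string]$ShortMessage,
        [string]$FullMessage,
        [string]$HostName = [System.Net.Dns]::GetHostName(),
        [datetime]$DateTime = (Get-Date),
        [ValidateRange(0, 7)][int]$Level = 6,   # syslog severity; 6 = informational
        [hashtable]$AdditionalField = @{}
    )
    # GELF timestamps are seconds since the Unix epoch, with optional decimals.
    $epoch = New-Object datetime 1970, 1, 1, 0, 0, 0, ([DateTimeKind]::Utc)
    $msg = [ordered]@{
        version       = '1.1'
        host          = $HostName
        short_message = $ShortMessage
        timestamp     = [math]::Round(($DateTime.ToUniversalTime() - $epoch).TotalSeconds, 3)
        level         = $Level
    }
    if ($FullMessage) { $msg['full_message'] = $FullMessage }
    foreach ($key in $AdditionalField.Keys) {
        # Additional fields must start with "_"; "_id" is not allowed.
        $name = '_' + $key.ToString().TrimStart('_')
        if ($name -eq '_id' -or $name -notmatch '^_[\w\.\-]+$') {
            throw "Invalid GELF additional field name: $key"
        }
        $msg[$name] = $AdditionalField[$key]
    }
    $msg | ConvertTo-Json -Compress
}

function Send-GelfTcpRaw {
    param(
        [Parameter(Mandatory)][string]$GelfServer,
        [Parameter(Mandatory)][int]$Port,
        [Parameter(Mandatory)][string]$Json
    )
    # GELF over TCP is uncompressed JSON, each message terminated by a null byte.
    [byte[]]$bytes = [System.Text.Encoding]::UTF8.GetBytes($Json) + [byte]0
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $client.Connect($GelfServer, $Port)
        $client.GetStream().Write($bytes, 0, $bytes.Length)
    }
    finally { $client.Close() }
}
$json = ConvertTo-GelfJson -ShortMessage 'Short Message' -FullMessage 'Full Message' `
    -HostName 'dc01' -Level 5 -AdditionalField @{ UniqueID = 1337 }
Send-GelfTcpRaw -GelfServer 'graylog' -Port 12202 -Json $json
```

Inspecting `$json` before sending shows the custom field as `_UniqueID`, which is the name to search for on the server side.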
You can use `Get-Command -Module PSGELF` to get a list of cmdlets in the module.
You can use `Get-Help command` to view the help information for the cmdlet.
I may add defaults for the port parameters. I am also going to publish the module to the PowerShell Gallery.