Showing results for 
Search instead for 
Did you mean: 
Create Post
Level 8

SWCL Log Extract anyone?

Has anyone used the SWCL tools to write up a simple log extraction from the SQL database of log events from a device?  What are some of the things others have built. Until there's a log extraction or export to CSV or something Log manager is a pretty Web based tool. I don't want to have to run Kiwi Syslog Daemon underneath all of this and forwarded logs to a different port.

0 Kudos
4 Replies

Not sure what you have in mind exactly, but this is the swql query I added to my node details page to display all the messages from that node.

SELECT MessageDateTime, isnull(ms.Caption, ms.IPAddress) as Source, Level, Message

FROM Orion.OLM.LogEntry le

join orion.olm.MessageSources ms on ms.MessageSourceID = le.MessageSourceID

where le.nodeid=${nodeid}

and messagedatetime > addday(-8, getdate())

--and message like '%${SEARCH_STRING}%'

order by MessageDateTime desc

- Marc Netterfield, Github
0 Kudos

Ideally I would like to do a search on logs from specific nodes and then extract the log search into a CSV file.

0 Kudos

Yeah unfortunately there's no easy way in the gui that I can think of to make an interactive search and save it to a csv.  For myself I'd just execute the report in SWQL studio and then you can save the results as a csv from there, but that's not something you'd want to have end users doing.

- Marc Netterfield, Github
0 Kudos

Right after I posted it I realized you could just wrap the query up in a little powershell front end that prompts the user for the node they want to report on and have it request the list from the API and package the results into a csv for you.

- Marc Netterfield, Github
0 Kudos