2 of 2 people found this helpful
I don't believe the AF SDK supports this feature yet. A few ways to access the PI Data Historian message logs are describe here: Looking for a way to access the PiServer Message Log ...
Also, you might in interested in PI OLEDB Provider since you can use it to to issue a SQL query to retrieve the PI Server Messages log. Check out the pilog..pimessage log table with columns such as time, source, id, message, category, orihost and pid. With this, you have many options on how how to move the message logs to another server.
7 of 7 people found this helpful
Unfortunately, exporting PI Message logs to a Syslog server is not currently officially supported. There is a PI Interface for Syslog, however, obviously this would be for pulling information from Syslog into PI, which is not the goal here.
The workaround you mentioned of stopping PI Message Subsystem such that PI Message logs are instead written to Windows Application Log would work, since from here the messages could be forwarded to the Syslog server. However, it is important to note that the logs cannot be streamed both to Windows Application log and the PI Message log. This means that if this workaround was applied, it would not be possible to view the PI Message logs via PI Message Subsystem, such as with pigetmsg, PI SMT, etc.
We do have an internal work item to support redirecting PI Message logs to other logs such as Syslog, etc. However, I do not see a request on the OSIsoft UserVoice. I would recommend you create a new idea here and post your use case so that we can better prioritize the work item. Also, feel free to let me know and I can create the idea for you.
EDIT: As Dan mentioned, AFSDK does not currently support getting PI Message Logs, however, the PowerShell Tools for the PI System do (included in PI SMT install kit 2015+), using Get-PIMessage cmdlet. However, I am guessing this would require some additional work to coerce the logs into a format that Syslog would accept.
- Adam Fink
thank you. It seems that using some PowerShell code is the way of choice, because I would like to also keep the logs in PI and not move them to the Windows log system.
1 of 1 people found this helpful
Have you considered using Splunk for your log file analysis and correlation? I've been working with this for a little while, and am in fact currently preparing a blog post about this subject. My approach has been to use Splunk's PowerShell modular input and the PowerShell Tools for the PI System to bring PI Message logs into Splunk. Other log sources such as Windows Event logs, and text file based pipc.log files are also pretty straight forward to ingest into Splunk.
If your company isn't already using Splunk for IT data, then you can start with the free version - 500MB per day, which should be more than sufficient for your PI system logs.
Look out for my blog post next week on this subject.
Hope this helps.
thank you. We considered using Splunk some time ago, but now use another log correlation system that has similar features (reading Windows Logs via Agent, PowerShell Integration). At this point, it seems that PowerShell is the way of choice, although this requires some custom code. However, I am looking forward to your post, since it may give us a hint how to implement this feature.