ANNOUNCE: EVL4EZ Syslog Client

Information and support for EnvisaLink modules.

Moderators: EyezOnRich, GrandWizard

C'est Moi
Posts: 2
Joined: Sat Feb 15, 2020 11:35 pm

Re: ANNOUNCE: EVL4EZ Syslog Client | RPi Raspbian Considerations

Post by C'est Moi »

Configuring EVL4's Syslog Client under Raspbian ("V10 Buster" Linux 4.19.97-V7+) using either a Chromium (V78) or Iceweasel (i.e. Firefox V68) browser proved to be problematic. The webpage presented by EVL4's embedded web-server was not rendered correctly in either browser and therefore it was not possible to update the requisite fields (i.e. Syslog server's IP address and the Facility ID) on the form and post them correctly to the EVL4.

However, on a different PC, attached to the same network subnet, but running Ubuntu 18.04.1 LTS ("Bionic Beaver") and a Chrome V80 browser, the EVL4's console webpage was displayed correctly and it was then possible to input, post and successfully update the requisite Syslog Server information.

After changing /etc/rsyslog.conf and restarting rsyslogd, as described at https://vexxhost.com/resources/tutorial ... 14-04-lts/, and rebooting the EVL4 hardware, ENVISALINK messages then magically appeared in /var/log/messages on the RPi 2B box, running Raspbian "Buster".

Here are the pertinent configuration file settings that I'm using for the syslog daemon and logrotate process, the latter to keep /var/log svelte with a minimum of old log clutter and with minimum grind on my RPi 2B machine.

/etc/rsyslogd.conf
# provides UDP syslog reception
module(load="imudp")
input(type="imudp" port="514")
# provides TCP syslog reception
module(load="imtcp")
input(type="imtcp" port="514")

/etc/logrotate.conf
# keep this many sets of backlogs
rotate 1
#truncate the original logfile after copying it
copytruncate
# decide whether you want old log files compressed or not
nocompress

NOTE: The EVL4 syslog client can be configured to log to Facility 16 (equates to "local0" ) through 23 (equates to "local7" ).
A rule in /etc/rsyslog.conf or 'equivalent' config file, (name and location depends on the OS, for example, Raspbian vs. Ubuntu)
can be used to route messages to a dedicated log file, to nicely separate out EVL4 messages, for example:

local0.* -/var/log/EVL4.log
Last edited by C'est Moi on Fri May 13, 2022 11:32 am, edited 3 times in total.
C'est Moi
Posts: 2
Joined: Sat Feb 15, 2020 11:35 pm

Re: ANNOUNCE: EVL4EZ Syslog Client | CID Structure ?

Post by C'est Moi »

What is the structure of the CID (Contact IDs) in syslog messages? They do not seem to follow the Ademco CID field structure (Q EEE GG ZZZ) as documented in the Vista 20P Programming Guide (document K5305-1 PRV8 5/11 Rev. C) that I've got.

Please see an actual syslog (/var/log/messages) example (partially masked for security reasons), as written by an EVL4 (Firmware Version: 01.03.155A):

Feb 15 17:59:37 192.168.xxx.xxx ENVISALINK[Mac Address]: CID Event: 1131010080

Is this the sub-field structure?

1-131-01-0080 1 = New Message ? ; 131 = Alarm Perimeter ? ; partition 01 ? ; zone number 008 ? ; spurious digit ?
GrandWizard
Posts: 2233
Joined: Tue Nov 16, 2010 4:08 pm

Re: ANNOUNCE: EVL4EZ Syslog Client

Post by GrandWizard »

Yes that is correct.
vinistois
Posts: 2
Joined: Sun Apr 26, 2020 5:21 pm

Re: ANNOUNCE: EVL4EZ Syslog Client

Post by vinistois »

what I did to get around the local subnet limitation is fire up a vm in the same subnet as the evl-4

I used centos8 minimal. rsyslog is installed by default. Uncomment the lines to in /etc/rsyslog.conf to enable upd on 514.

Then I forward to papertrail where more actions, including notifications to all kinds of web platforms, webhooks, etc.

Another option would be a node-red instance, there is a syslog listener module in node-red where you could configure your own actions.
digid
Posts: 1
Joined: Sun Oct 25, 2020 3:10 pm

Re: ANNOUNCE: EVL4EZ Syslog Client

Post by digid »

Has the subnet issue ever been fixed? I have my security system and home automation on a separate subnet/vnet than my syslog server. I would upgrade to a v4 board just for this feature if its been fixed.
pounder
Posts: 71
Joined: Sat Oct 20, 2012 10:34 pm
Location: Niagara Region, Ontario Canada

Re: ANNOUNCE: EVL4EZ Syslog Client

Post by pounder »

Is the format used for the messages documented anywhere ?
Sure I could look at the data but its hard to get every case like various types of trouble to be generated.
Jon Pounder
C'cest Moi
Posts: 1
Joined: Sat Feb 15, 2020 11:25 pm

Re: ANNOUNCE: EVL4EZ Syslog Client

Post by C'cest Moi »

pounder wrote: Mon Jul 18, 2022 4:26 pm Is the format used for the messages documented anywhere ?
Sure I could look at the data but its hard to get every case like various types of trouble to be generated.
SIA DC-05-1999.09 documents CID codes.
For example, the CID codes in Envisalink-4's syslog records look like this:
mmm dd hh:mm:ss xxx.xxx.xxx.xxx ENVISALINK[Mac Address]: CID Event: 1131010080

(xxx.xxx.xxx.xxx = V4 IP address)

Explanation:
1-131-01-008-0 1 = New Message ; 131 = Alarm Perimeter ; 01 = Partition ; 008 = Zone number ; 0 = unused check digit
Attachments
SIA-ContactIDCodes_Protocol.pdf
(85.91 KiB) Downloaded 167 times
Post Reply