Created
April 18, 2013 20:38
-
-
Save wolstena/5416035 to your computer and use it in GitHub Desktop.
nxlog config
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## This is a sample configuration file. See the nxlog reference manual about the | |
| ## configuration options. It should be installed locally and is also available | |
| ## online at http://nxlog.org/nxlog-docs/en/nxlog-reference-manual.html | |
| ## Please set the ROOT to the folder your nxlog was installed into, | |
| ## otherwise it will not start. | |
| #define ROOT C:\Program Files\nxlog | |
| define ROOT C:\Program Files (x86)\nxlog | |
| Moduledir %ROOT%\modules | |
| CacheDir %ROOT%\data | |
| Pidfile %ROOT%\data\nxlog.pid | |
| SpoolDir %ROOT%\data | |
| LogFile %ROOT%\data\nxlog.log | |
| LogLevel INFO | |
| <Extension w3c> | |
| Module xm_csv | |
| Fields $date, $time, $HTTPServerIp, $HTTPMethod, $HTTPURL, $HTTPQuery, $HTTPPort, $HTTPUsername, $HTTPClientIp, $HTTPUserAgent, $HTTPStatus, $HTTPSubstatus, $HTTPWin32Status, $HTTPTime-taken | |
| FieldTypes string, string, string, string, string, string, integer, string, string, string, integer, integer, integer, integer | |
| Delimiter ' ' | |
| </Extension> | |
| <Extension syslog> | |
| Module xm_syslog | |
| </Extension> | |
| <Extension json> | |
| Module xm_json | |
| </Extension> | |
| <Input msevents> | |
| Module im_msvistalog | |
| Query <QueryList> \ | |
| <Query Id="0"> \ | |
| <Select Path="Application">*</Select> \ | |
| <Select Path="System">*</Select> \ | |
| <Select Path="Security">*</Select> \ | |
| </Query> \ | |
| </QueryList> | |
| Exec $tags = 'Production'; $raw_event = to_json(); | |
| </Input> | |
| <Input iis> | |
| Module im_file | |
| File 'C:\inetpub\logs\LogFiles\W3SVC1\u_ex*.log' | |
| ReadFromLast TRUE | |
| Exec if (($raw_event =~ /^#/) or ($raw_event =~ /^$/)) drop(); \ | |
| else \ | |
| { \ | |
| w3c->parse_csv(); \ | |
| $EventTime = strftime(parsedate($date + " " + $time + "Z"),'%Y-%m-%d %H:%M:%S+00:00'); \ | |
| $tags = 'Production'; \ | |
| to_json(); \ | |
| } | |
| </Input> | |
| <Output file_out_test> | |
| Module om_file | |
| File 'C:\Program Files (x86)\nxlog\data\nxlogtestout.log' | |
| </Output> | |
| <Output iis_out> | |
| Module om_udp | |
| #Exec $raw_event = to_json() | |
| Host logstash02.r3live.cbcr3.com | |
| Port 9251 | |
| #Exec $tags = 'Production'; | |
| </Output> | |
| <Output msevents_out> | |
| Module om_udp | |
| Host logstash02.r3live.cbcr3.com | |
| Port 9252 | |
| #Exec $tags = 'Production'; | |
| </Output> | |
| <Route logstash_iis> | |
| Path iis => iis_out | |
| </Route> | |
| <Route logstash_msevents> | |
| Path msevents => msevents_out | |
| </Route> | |
| #<Route logstash_debug> | |
| # Path msevents => file_out_test | |
| #</Route> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment