Last active
December 16, 2015 01:09
-
-
Save jalogisch/5353158 to your computer and use it in GitHub Desktop.
nxlog ship gelf via UDP target can be graylog2 or logstash
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<Extension gelf> | |
Module xm_gelf | |
</Extension> | |
<Input in> | |
# Use 'im_mseventlog' for Windows XP and 2003 | |
Module im_msvistalog | |
Exec if ($EventID == 4202 or $EventID == 4208 or $EventID == 4302 or $EventID == 4304 or $EventID == 5004) drop();\ | |
else{\ | |
if ( $EventType == "INFO" ) $SyslogSeverityValue = 6;\ | |
if ( $EventType == "WARNING" ) $SyslogSeverityValue = 4;\ | |
if ( $EventType == "ERROR" ) $SyslogSeverityValue = 3;\ | |
} | |
</Input> | |
<Output out> | |
Module om_udp | |
Host 10.10.10.10 | |
Port 12345 | |
OutputType GELF | |
</Output> | |
<Route 1> | |
Path in => out | |
</Route |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Added Additional Drops and Rewrites in the Input ..