-
-
Save vnisor/8380580 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## Please set the ROOT to your nxlog installation directory | |
| #define ROOT C:\Program Files\nxlog | |
| define ROOT C:\Program Files (x86)\nxlog | |
| Moduledir %ROOT%\modules | |
| CacheDir %ROOT%\data | |
| Pidfile %ROOT%\data\nxlog.pid | |
| SpoolDir %ROOT%\data | |
| LogFile %ROOT%\data\nxlog.log | |
| <Extension syslog> | |
| Module xm_syslog | |
| </Extension> | |
| # Monitor application log file | |
| <Input watchfile> | |
| Module im_file | |
| # File "C:/path/to/file.log" | |
| Exec $Message = $raw_event; | |
| SavePos TRUE | |
| Recursive TRUE | |
| </Input> | |
| # Monitor Windows event logs | |
| <Input eventlog> | |
| # Uncomment for Windows Vista/2008 or later | |
| Module im_msvistalog | |
| # Uncomment for Windows 2000 or later | |
| # Module im_mseventlog | |
| </Input> | |
| <Processor eventlog_transformer> | |
| Module pm_transformer | |
| OutputFormat syslog_rfc5424 | |
| </Processor> | |
| <Processor filewatcher_transformer> | |
| Module pm_transformer | |
| # Uncomment to override the program name | |
| # Exec $SourceName = 'PROGRAM NAME'; | |
| # Uncomment to override the hostname | |
| # Exec $Hostname = 'HOSTNAME'; | |
| OutputFormat syslog_rfc5424 | |
| </Processor> | |
| <Output syslogout> | |
| Module om_udp | |
| Host logs.papertrailapp.com | |
| Port YOUR_PORT | |
| </Output> | |
| <Route 1> | |
| Path eventlog => eventlog_transformer => syslogout | |
| </Route> | |
| <Route 2> | |
| Path watchfile => filewatcher_transformer => syslogout | |
| </Route> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment