1

I am a sys admin intern and I'm setting up an Nxlog instance on a Windows Server 2012 VM that ships Windows Application logs and everything in C:\logs. I already have the Application logs shipping just fine, but I cannot find a way to ship specific log files (such as C:\logs) for parsing.

This is what I have: 

    Module      im_file
    File        "C:\logs\stuff.log"
    SavePos     TRUE

Ban-Chuan Lim
  • 7,840
  • 4
  • 35
  • 52
baneblade214
  • 11
  • 4

1 Answers1

2

Assuming you want to use TCP To move the files to Logstash, try this

<Input in>
    Module  im_file
    File    "c:\logs\stuff.log"
    SavePos TRUE
</Input>

<Output out>
    Module  om_tcp
    Host    192.168.1.1
    Port    514
</Output>

<Route 1>
    Path    in => out
</Route>
cybergoof
  • 1,407
  • 3
  • 16
  • 25
  • I have an csv file. How to make a log file of it? Which I then want to ship to logstash to visualize in kibana. – Farid ullah Apr 07 '17 at 17:52