Forward Windows logs to rsyslog server with NXLog
Posted wemux
Install the rsyslog server
[root@rsyslog ~]# yum install rsyslog -y
Edit the configuration in /etc/rsyslog.conf
Enable UDP reception
module(load="imudp") # needs to be done just once
input(type="imudp" port="514")
Enable TCP reception
module(load="imtcp") # needs to be done just once
input(type="imtcp" port="514")
Define a template for the log storage path and file name
$template Remote,"/var/log/syslog/%fromhost-ip%/%fromhost-ip%_%$YEAR%-%$MONTH%-%$DAY%.log"
Example
Start the rsyslog service
[root@rsyslog ~]# systemctl enable --now rsyslog
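A template only names a file pattern; an action has to reference it before anything is written under /var/log/syslog. One way to wire it up, as an added example that is not from the original post: it assumes a ruleset named "remote" (a hypothetical name) and is meant to replace the template and input lines above rather than sit beside them, so that only messages arriving on port 514 go to the per-host files.

```conf
# /etc/rsyslog.conf fragment (added example, not from the original post)

# Same path pattern as the post's $template line, written in RainerScript form.
template(name="Remote" type="string"
         string="/var/log/syslog/%fromhost-ip%/%fromhost-ip%_%$YEAR%-%$MONTH%-%$DAY%.log")

# The ruleset name "remote" is an assumption made for this example.
ruleset(name="remote") {
    # dynaFile tells omfile to evaluate the template for every message
    # and use the result as the output file name.
    action(type="omfile" dynaFile="Remote")
}

# Bind both listeners to the ruleset so that remote messages are handled
# only by it and do not also land in the server's local log files.
module(load="imudp")
input(type="imudp" port="514" ruleset="remote")

module(load="imtcp")
input(type="imtcp" port="514" ruleset="remote")
```

After restarting rsyslog, a message from 192.168.137.x should appear in /var/log/syslog/<sender ip>/<sender ip>_<year>-<month>-<day>.log.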
Download and install NXLog on Windows
https://nxlog.co/system/files/products/files/348/nxlog-ce-2.10.2150.msi
Edit nxlog.conf in the installation path (C:\Program Files (x86)\nxlog\conf)
Define the Input modules
<Input Win_LOG>
    Module im_msvistalog
    Query <QueryList>\
            <Query Id="0">\
              <Select Path="Application">*</Select>\
              <Select Path="System">*</Select>\
              <Select Path="Security">*</Select>\
            </Query>\
          </QueryList>
</Input>
<Input TEST_LOG>
    Module im_file
    File "D:\\*.log"
    SavePos TRUE
    ReadFromLast TRUE
</Input>
Define the Output modules
<Output winlog>
    # using udp
    Module om_udp
    # rsyslog server ip
    Host 192.168.137.11
    # rsyslog port
    Port 514
    Exec to_syslog_bsd();
</Output>
<Output applog>
    # using tcp
    Module om_tcp
    # rsyslog server ip
    Host 192.168.137.11
    # rsyslog server port
    Port 514
    Exec to_syslog_bsd();
</Output>
Define the Route modules
<Route 1>
    Path Win_LOG => winlog
</Route>
<Route 2>
    Path TEST_LOG => applog
</Route>
Restart the nxlog service
Write a log entry and check that rsyslog receives it