SHOW:
|
|
- or go back to the newest paste.
| 1 | define ROOT C:\Program Files (x86)\nxlog | |
| 2 | ||
| 3 | Moduledir %ROOT%\modules | |
| 4 | CacheDir %ROOT%\data | |
| 5 | Pidfile %ROOT%\data\nxlog.pid | |
| 6 | SpoolDir %ROOT%\data | |
| 7 | LogFile %ROOT%\data\nxlog.log | |
| 8 | ||
| 9 | LogLevel INFO | |
| 10 | SuppressRepeatingLogs FALSE | |
| 11 | NoCache FALSE | |
| 12 | #FlowControl TRUE | |
| 13 | #IgnoreErrors TRUE | |
| 14 | #Panic SOFT | |
| 15 | ||
| 16 | <Extension syslog> | |
| 17 | Module xm_syslog | |
| 18 | </Extension> | |
| 19 | ||
| 20 | <Input in> | |
| 21 | Module im_file | |
| 22 | File 'C:\inetpub\logs\LogFiles\\*.log' | |
| 23 | SavePos TRUE | |
| 24 | ReadFromLast TRUE | |
| 25 | Recursive TRUE | |
| 26 | FlowControl TRUE | |
| 27 | InputType LineBased | |
| 28 | Exec $SourceName = 'IIS'; \ | |
| 29 | if $raw_event =~ /\b192\.168\.55\.[12]\b/ \ | |
| 30 | drop(); \ | |
| 31 | else \ | |
| 32 | { \
| |
| 33 | $Message = $raw_event; \ | |
| 34 | $SyslogFacilityValue = syslog_facility_value('local5'); \
| |
| 35 | } | |
| 36 | </Input> | |
| 37 | ||
| 38 | <Processor buffer> | |
| 39 | Module pm_buffer | |
| 40 | MaxSize 2048000 | |
| 41 | Type Disk | |
| 42 | - | WarnLimit 2000000 |
| 42 | + | WarnLimit 2000000 |
| 43 | </Processor> | |
| 44 | ||
| 45 | <Output out> | |
| 46 | Module om_tcp | |
| 47 | Host 192.168.54.9 | |
| 48 | Port 514 | |
| 49 | Exec to_syslog_ietf(); | |
| 50 | OutputType Syslog_TLS | |
| 51 | </Output> | |
| 52 | ||
| 53 | <Route> | |
| 54 | Path in => buffer => out | |
| 55 | </Route> |
