NXLog configuration for windows file

[Techmnagioslsuser]

Hello

I have completed the NXLog configuration in log source windows server. Eventlogs are being captured now. I wanted to send another log file from the windows server, added the configuration for that file under <Input... , also added it in route. But The log file logs are not visible in the monitoring , the type field is only showing eventlog not the log file type "test". Please advice.

log file path in the windows log source : D:\General\Testing\Testfile.txt

[gsmith]

Hi,

The issue is that the Testfile.txt does not have a "type" defined as shown below. I only included the pertinent
pieces for clarity.


<Input test>
Module im_file
File 'C:\General\Testing\Testfile.txt'
SavePos TRUE
Exec $Message = $raw_event;
</Input>

<Output out1>
Module om_tcp
Host 192.168.23.89
Port 3515
Exec $type = "testfile";
Exec $tmpmessage = $Message; delete($Message); rename_field("tmpmessage","message");
Exec $raw_event = to_json();

# Uncomment for debug output
Exec file_write('%ROOT%\data\nxlog_output.log', $raw_event + "\n");
</Output>

<Route 2>
Path test => out1
</Route>

The fact that we need to have a "type" defined is far from obvious. This is because im_msvista_log
must be setting the type to "eventlog" and im_internal must be setting the type to "syslog" for the
ns.log file. We had to create a new output so that we could assign a type.

Thanks