Bypassing 'File' When Configuring im_file Module with NXLog Manager for IIS Log Ingestion
Hello. We plan on using the im_file module to ingest W3C IIS logs. We will use the command script provided in the user manual in section 69.7 as we have many IIS servers and the logs are not all in the same place. We use NXLog Manager to manage all of our agents. When attempting to create the module for the agent within NXLog Manager, we are being forced to input something for the 'File' parameter. Yet when we do the 'include_stdout' directive as shown in the manual, that creates the 'File' parameter based on what the script finds so we don't want the NXLog Manager defining that parameter. How do we tell NXLog Manager to skip that parameter? We don't want to have to manually update log4ensics.conf on each of these servers.
Thank you.
Hi Mark,
In that case I'd suggest using the module Custom input with type im_file and then add the module specific stuff under the Expert tab in the Verbatim config text field.
Hope that'll work.
Regards,
Botond
