Sending logs to loggly

Loggly offers cloud based storage and analytics services for log data. NXLog can be used to collect and send logs off to the Loggly service.

Below is a configuration that can be used for a start. Make sure to set the value of CUSTOMER_TOKEN properly. If you are unsure where to get this, see the article about the cusomer token in the Loggly support center.

define CUSTOMER_TOKEN 1234-567-890123-4567890

<Extension json>
      Module xm_json

<Extension syslog>
      Module xm_syslog

<Input internal>
      Module im_internal

<Input file>
      Module im_file
      File "/path/to/your/log/file"
      SavePos TRUE

<Output out>
      Module om_tcp
      Port 514
      Exec $Message = to_json();
      Exec to_syslog_ietf();  $raw_event = replace($raw_event, 'NXLOG@14506', '%CUSTOMER_TOKEN%@41058', 1);

<Route 1>
      Path internal, file => out

The above configuration focuses on sending data to Loggly and does not intend to deal with collecting data from various log sources. For example to collect Windows eventlog, you may use the im_msvistalog input module on Windows systems, see Loggly documentation titled Logging From Windows.

For more information on collecting logs from various sources check out the documentation in the Loggly Knowledge Base and consult the NXLog documentation.

Download a fully functional trial of the Enterprise Edition for free