How to collect more than one log per input module without using a wildcard
Hi!
We have some logs that we would like for NXLog to monitor.
The logs are located in a folder where lots of logs also reside.
For that reason we don't wish to use a wildcard, because many of the logs we don't care to monitor.
How can we in a single input module monitor three files, say file1, file2, and file3?
The information found here indicates that you can use multiple File directives but when I tried it didn't work.
Example:
<Input inLog>
Module im_file
File "/var/log/file1.log"
File "/var/log/file2.log"
File "/var/log/file3.log"
<Exec>
$logtime = strptime($raw_event, '%Y-%m-%d %H:%M:%S');
$timestamp = strftime($logtime, '%s');
$server = hostname_fqdn();
if $raw_event =~ /\[INFO\]/ $log_type = 'INFO';
if $raw_event =~ /\[WARNING\]/ $log_type = 'WARNING';
if $raw_event =~ /\[ERROR\]/ $log_type = 'ERROR';
</Exec>
</Input>
Do I need three different input modules or can I use just one?
Thanks in advance!
Hello,
Please note, that you are referring to the docs of Enterprise Edition, where this is, indeed, possible. The NXLog Community Edition im_file documentation is here.
Isn't there any other way to distinguish logs you want to pick?
Regards,
Rafal
