process log and rewrite output


mark

Hello 

I have created a regex to extract values from my logs, but I have difficulties writing these values to the nxlog output.

The issue is that the output file is identical to the input log. I'm not sure what I'm doing wrong here; any help is welcome.

My nxlog.conf is as follows:

<Input in>
        Module  im_file
        File    "C:\\tmp\example-log.txt"
        SavePos  TRUE
        Recursive TRUE
        InputType       multiline
        exec if $raw_event =~ /(?:\{"([0-9]+?), ([0-9]+?), "(.+?)", "(.+?)", "(?:.+?)", "(.+?)\n(?:[a-zA-Z0-9:,"\n\r\s\f\t\-\{\}\.\(\)]+?)New\sLogon:\s*(?:.+?)\n\s*Account\sName:\s*(.+?)\n(?:[a-zA-Z0-9:,"\n\r\s\f\t\-\{\}\.\(\)]+?)Source\sNetwork\sAddress:\s*([0-9\.]{7,15})\n(?:[a-zA-Z0-9:,"\n\r\s\f\t\-\{\}\.\(\)]+?)"\})/ \
    { \
    $timestamp = $1; \
    $event = $2; \
    $status = $3; \
    $type = $4; \
    $short = $5; \
    $user = $6; \
    $source = $7; \
    }
</Input>

#<Output out>
#    Module      om_tcp
#    Host        192.168.1.15
#    Port        12201
#    OutputType  GELF_TCP
#</Output>

<Processor one>
    Module      pm_null
    Exec        $raw_event = $timestamp + $event + $status + $type + $short + $user + $source;
</Processor>

<Output out>
    Module    om_file
    File    'C:\\tmp\output'
</Output>

<Route 1>
    Path        in => one => out
</Route>

  

Thanks heaps

Mark