Config file to extract MS Exchange logs to syslog format over TCP
Hi there ,
I am stranded with a problem of sending exchange server logs in syslog format over TCP.
I performed a trial for fetching connect logs and using the csv module and send them over syslog format over TCP.
Once I run the service , I dont get any output over TCP , nor any errors. I wanted to know what im doing wrong. Please help !
(((PS I removed my destination IP and port )))
define ROOT C:\Program Files\nxlog#define ROOT C:\Program Files (x86)\nxlog
Moduledir %ROOT%\modulesCacheDir %ROOT%\dataPidfile %ROOT%\data\nxlog.pidSpoolDir %ROOT%\dataLogFile %ROOT%\data\nxlog.log
<Extension syslog> Module xm_syslog</Extension>
<Extension _exec> Module xm_exec</Extension>
<Extension csv> Module xm_csv Fields date-time, connector-id, session-id, sequence-number, \ local-endpoint, remote-endpoint, event, data, context</Extension>
<Input in>Module im_fileFile "C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\Logs\Hub\Connectivity\CONNECTLOG*.LOG" <Exec> csv->parse_csv(); to_syslog_ietf();</Exec></Input>
<Output out> Module om_tcp Host #### Port #### Exec to_syslog_bsd();</Output>
<Route 1> Path in => out</Route>
define ROOT C:\Program Files\nxlog
#define ROOT C:\Program Files (x86)\nxlog
Moduledir %ROOT%\modules
CacheDir %ROOT%\data
Pidfile %ROOT%\data\nxlog.pid
SpoolDir %ROOT%\data
LogFile %ROOT%\data\nxlog.log
<Extension syslog>
Module xm_syslog
</Extension>
<Extension _exec>
Module xm_exec
</Extension>
<Extension csv>
Module xm_csv
Fields date-time, connector-id, session-id, sequence-number, \
local-endpoint, remote-endpoint, event, data, context
</Extension>
<Input in>
Module im_file
File "C:\Program Files\Microsoft\Exchange Server\V15\TransportRoles\Logs\Hub\Connectivity\CONNECTLOG*.LOG"
<Exec>
csv->parse_csv();
to_syslog_ietf();
</Exec>
</Input>
<Output out>
Module om_tcp
Host ####
Port ####
Exec to_syslog_bsd();
</Output>
<Route 1>
Path in => out
</Route>
