I would like to collect log with parameters only from one type of log
Tags:
NXLog Enterprise Edition
#1
Avi Israelov
Hi,
I have the configuration below in which I would like to collect data from “Security" and from ”ForwardedEvents".
I would like the data from the Security to be with specific values (e.g. $TaskValue, $Version) while ForwardedEvents ignore them. How can I configure it?
Hi Avi,
You can take advantage of the fields that are parsed automatically by im_msvistalog: https://docs.nxlog.co/ce/current/index.html#im_msvistalog_fields
To answer your question, you could set a conditional statement similar to the example below:
<Exec>
if ($Channel == 'Security')
{
$TaskValue = integer($TaskValue);
. . .I hope this helps,
Cheers,
Konstantinos
