Request trial
Request Trial

I would like to collect log with parameters only from one type of log

Tags: NXLog Enterprise Edition
#1 Avi Israelov

Hi,

I have the configuration below in which I would like to collect data from “Security" and from ”ForwardedEvents".

I would like the data from the Security to be with specific values (e.g. $TaskValue, $Version) while ForwardedEvents ignore them. How can I configure it?

Permalink
#2 konstantinos Nxlog ✓

Hi Avi,

You can take advantage of the fields that are parsed automatically by im_msvistalog: https://docs.nxlog.co/ce/current/index.html#im_msvistalog_fields 

To answer your question, you could set a conditional statement similar to the example below:

<Exec>
    if ($Channel == 'Security') 
    { 
       $TaskValue = integer($TaskValue);
    . . .

I hope this helps,

Cheers,

Konstantinos

 
Login to see more

Subscribe to our newsletter to get the latest updates, news, and products releases.

© Copyright 2024 NXLog Ltd.

PRIVACY POLICY GENERAL TERMS OF BUSINESS