Can NXLOG event correlator buffer/retain messages in memory
Tags:
#1
nxlogdesonim
can event coorelation be used with a trigger such that when an event matches it collects subsequent if all come in within specifc time frame (say within 30second from first event) and write those or send via email?
we currently have such functionality out of per based "SEC" but are trying to migrate to NXLOG.
thanks.
#1
nxlogdesonim
can event coorelation be used with a trigger such that when an event matches it collects subsequent if all come in within specifc time frame (say within 30second from first event) and write those or send via email?
we currently have such functionality out of per based "SEC" but are trying to migrate to NXLOG.
thanks.
You can use module variables to store the time of the event (with or without expiry) and then compare the event time of the actual event to the value stored in the module variable. See create_var(), set_var() and get_var() in the reference manual.
