Field matching based on lookup table | View post

cmiscloni 4 years ago

Hi all,

Does Nxlog Enterprise has the possibility to request a table in order to convert some field ?

Like EventID 4624 on Windows and replace LogonType ID to a more readable string:

    &quot;2&quot;: &quot;Interactive&quot;,
    &quot;3&quot;: &quot;Network&quot;,
    &quot;4&quot;: &quot;Batch&quot;,
    &quot;5&quot;: &quot;Service&quot;,
    &quot;7&quot;: &quot;Unlock&quot;,
    &quot;8&quot;: &quot;NetworkCleartext&quot;,
    &quot;9&quot;: &quot;NewCredentials&quot;,
    &quot;10&quot;: &quot;RemoteInteractive&quot;,
    &quot;11&quot;: &quot;CachedInteractive&quot;,