1 answer

Calculating the events per second (EPS)

I am trying to figure out how many events are coming in per hour on a given input module named win.

I have searched around and haven't found any definitive solution. Most of what I have seen implements the create_stat function. But from there, I am lost. Here is my current config for the input, output, and route. How would I implement this feature into what I currently have?

Asked October 12, 2015 - 6:52pm
1 answer

how to proxy a "OutputType GELF" within a TLS/SSL connection?

On a Windows 2012 server I'm collecting system events and then sending them to a remote server using OutputType GELF. This works fine on my servers behind a firewall; however, I have an AWS server that I would like to log and send logs over a TLS connection.

Here's what my working Output looks like:

<Output out>
    Module      om_udp
    Host        XXX.XXX.XXX.XXX
    Port        12201
    OutputType  GELF
</Output>

Asked September 28, 2015 - 9:15pm
1 answer

Strange behaviour of NXLog for Windows - configuration is valid random times

Hi,

I've started playing with NXlog and have found strange behaviour.

This is my configuration:

[code]

<Input b-logs>
    Module      im_file

    File "d:\\Temp\\Logs\\test.txt"
    
    SavePos TRUE
    InputType LineBased

    Exec if ( $raw_event =~ /^#/ )    \
    {    \
        $raw_event="ok";    \
    }    \
    else    \
    {    \
        $raw_event="bad";    \
    }

Asked September 27, 2015 - 8:36am
1 answer

Solaris: configure: error: libapr-1 not found

I cannot compile nxlog on Solaris. On configure I got:

checking for apr_socket_create in -lapr-1... no
configure: error: libapr-1 not found

If I have APR in /usr/apr etc, I am trying:

./configure CFLAGS="-I/usr/apr/1.3/include -I/usr/apr-util/1.3/include" LDFLAGS="-L/usr/apr/1.3/lib/sparcv9 -L/usr/apr-util/1.3/lib/sparcv9" --with-apr=/usr/apr/1.3/ --with-included-apr --prefix=/export/home/user/compiled

Asked September 25, 2015 - 1:31pm
1 answer

a way for nxlog to replace syslog message IPs with hostnames

I have looked on the available docs but have not yet seen such an example. Is there a way to convert IPs to DNS names? Given the message below, how to replace 192.168.225.2 with its DNS name, host.name.com?

<132>Sep 22 20:24:01 qare RouteAnalyzer[21700]: Prefix 192.168.42.64/32 (192.168.42.64/32) from router 192.168.225.2 in BGP/AS64512 went down.Configured

Thanks.

Asked September 22, 2015 - 10:05pm
