26. Processing Logs | Log Collection Solutions

Parsing Various Formats – Reading fields from several common log formats

Alerting – Generating alerts when specific conditions are met

Using Buffers – Using disk- and memory-based buffering in NXLog

Character Set Conversion – Converting between character sets during processing

Detecting a Dead Agent or Log Source – Generating alerts when a remote agent or log source stops sending logs

Event Correlation – Using a dedicated module for detecting conditions based on a sliding window

Extracting data – Implementing parsing using module procedures or regular expressions

Filtering Messages – Discarding events based on specified conditions

Format Conversion – Configuring conversion between input and output formats

Log Rotation and Retention – Setting up policies for automatically retaining and discarding past log data

Message Classification – Matching and tagging events

Parsing Multi-Line Messages – Joining and parsing messages that span multiple lines

Rate Limiting and Traffic Shaping – Reducing the speed at which messages are read from a log source

Rewriting and Modifying Messages – Making changes to log messages during processing

Timestamps – Working with timestamp strings and datetime values