responses
Hello
I've defined this as an input file in nxlog.conf
<Input cerberus_log>
Module im_file
File "C:\\ProgramData\\Cerberus LLC\\Cerberus FTP Server\\log\\server.1.log"
InputType LineBased
PollInterval 5
<Exec>
log_info("Msg <" + $raw_event + ">");
$date = substr($raw_event,1,10);
$time = substr($raw_event,12,8);
$cmd = substr($raw_event,23,7);
$pid = substr($raw_event,32,6);
$action = substr($raw_event,42);
$Hostname = hostname_fqdn();
$SourceName = "Cerberus FTP Server";
$ProcessID = $pid;
$EventTime = parsedate($date + " " + $time);
$Message = $cmd + ": " + $action;
$SyslogSeverityValue = 6;
$SyslogFacilityValue = 11;
</Exec>
</Input>
When this input is read from the log file
[2018-03-28 09:21:48]: REPLY [ 5445] - 234 Authentication method accepted
[2018-03-28 09:21:48]:CONNECT [ 5445] - SSL connection using TLSv1.2 (ECDHE-RSA-AES256-GCM-SHA384), 256 bit encryption
[2018-03-28 09:21:48]:CONNECT [ 5445] - SSL connection established
[2018-03-28 09:21:48]:COMMAND [ 5445] - USER PandoraManuellt
[2018-03-28 09:21:48]: REPLY [ 5445] - 331 User PandoraManuellt, password please
[2018-03-28 09:21:48]:COMMAND [ 5445] - PASS ***********
the following is logged in nxlog.log
2018-03-28 09:21:51 INFO Msg <[>
2018-03-28 09:21:51 INFO Msg <>
2018-03-28 09:21:51 INFO Msg <[>
2018-03-28 09:21:51 INFO last message repeated 3 times
2018-03-28 09:21:51 INFO Msg <>
2018-03-28 09:21:51 INFO Msg <[>
Empty lines are empty, but when a line that starts with a '[' then $raw_event only contains that character and nothing else. Why?
Mats-Ove
Comments (2)
Hello,
which version of nxlog do you use?
Peter
I'm using NXLOG Community Edition version v2.9.1716
Mats-Ove