responses
Hello,
I'm both new here and new at nxlog so excuse my question if it sounds awkward.
I'm trying to configure nxlog for an environment with multiple intermediary loghosts which have different IP addresses.
The only pattern is that the machine that is sending the log and the loghost always have a similar first three octets (same subnet).
So the computer 192.168.0.10 will send logs to 192.168.0.100
and the computer 10.10.10.30 will send its logs to 10.10.10.100.
The last octet of all loghosts are similar as well.
My goal is to be able to call the computer IP with HostIP, match it with a regex [0-9]{1,3}[.][0-9]{1,3}[.][0-9]{1,3}[.][0-9]{1,3} and transform it to $1.$2.$3.100 which will be the loghost IP.
My output module may look like this:
<Output loghost>
Module om_udp
Host $loghost
Port 514
</output>
Why am I doing this? I'm deploying nxlog via GPO and wanted to send a single nxlog.conf to all the domain computers which will find the corresponding loghost based on their own IP.
At this time, none of my attempts to add a regex to an Exec directive in the output module were successful.
If any one had come across the need for adding a variable as Host or similar issue, I will appreciate your help.
Any other directions are much appreciated.
Thank you,
Mikal
Comments (2)
Zhengshi,
I appreciate your suggestions. Let me explore them and get back.
Thank you
Hello,
I finally found a way out.
I used the Include directive to read the host configuration from a separate file.
An external script is used to retrieve the local IP and replace the last octet as I wanted, and write the result to that file.
My final Output module looks like this:
<Output loghost>
Module om_udp
# The include below requires loghost.txt generated from an external script
Include %ROOT%\\conf\\loghost.txt
Port 514
</Output>
Thank you.