Send .csv to graylog

Post a different question
2
responses

Hi again!
i want to check this config its ok. I need send a .csv to graylog and the graylog server is not getting messages and I wanted to check that the nxlog configuration was well done. The nxlog log, start without problems

#define ROOT C:\Program Files\nxlog
define ROOT C:\Program Files (x86)\nxlog

Moduledir %ROOT%\modules
CacheDir %ROOT%\data
Pidfile %ROOT%\data\nxlog.pid
SpoolDir %ROOT%\data
LogFile %ROOT%\data\nxlog.log

<Extension json>
Module xm_json
</Extension>

<Extension fileop>
Module xm_fileop
</Extension>

<Extension _syslog>
Module xm_syslog
</Extension>

<Extension gelf>
Module xm_gelf
</Extension>

<Extension jira>
Module xm_csv
Fields $ComputerName,$SID,$Message
FieldTypes string,string,string
Delimiter","
</Extension>

<Input in>
Module im_file
File "C:\\logs\\logs.csv"
#ReadFromLast False
#Recursive True
#SavePos True

</Input>

<Output out>
Module om_udp
Host 172.28.36.25
Port 12201
#Exec to_syslog_snare();
OutputType GELF
</Output>

<Route 1>
Path in => out
</Route>

Thanks all!

AskedAugust 5, 2020 - 3:43pm

Answer (1)

It seems you are missing...

    Exec       jira->parse_csv();

... at the bottom of your input module.

AnsweredAugust 5, 2020 - 5:47pm

Comments (1)

  • anvers's picture

    Manuel, thanks!! you have right. I followed an example in nxlog website and now i get message, with this config in nxlog (inside have your comment: Exec csv->parse_csv(); )

    #define ROOT C:\Program Files\nxlog
define ROOT C:\Program Files (x86)\nxlog

Moduledir %ROOT%\modules
CacheDir %ROOT%\data
Pidfile %ROOT%\data\nxlog.pid
SpoolDir %ROOT%\data
LogFile %ROOT%\data\nxlog.log

<Extension gelf>
    Module      xm_gelf
</Extension>

<Extension csv>
    Module      xm_csv
    Fields      $RecordNumber,$TimeGenerated,$TimeWritten,$EventID,$EventType,$EventTypeName,$SourceName,$Strings,$ComputerName,$SID,$Message
    FieldTypes  integer,string,string,integer,integer,string,string,string,string,string,string
    Delimiter   ,
</Extension>

<Input file>
    Module      im_file
    File        "C:\\logs\\logs.csv"
    Exec        csv->parse_csv();
</Input>

<Output udp>
    Module      om_udp
    Host        172.28.36.25
    Port        12201
    OutputType  GELF_UDP
</Output>

<Route csv_to_gelf>
    Path        file => udp
</Route>

    August 5, 2020 - 7:17pm