response
Is the Conf file format work ? Which point will this read the SQL table ? SQL Table as provided by DCS integration with SIEM solutions like Splunk, SSIM or ArcSight (broadcom.com) KB https://knowledge.broadcom.com/external/article?articleId=175333
<Input reading_integer_id>
Module im_odbc
ConnectionString Driver={ODBC Driver 17 for SQL Server}; Server=xxxxx; Trusted_Connection=yes; Database=db1;UID=ROUSER;PWD=xxxxx;
IdType integer
SQL SELECT Event_ID AS id, * FROM dbo.CSPEVENT_VW WHERE Event_ID > ?
Exec delete($id);
</Input>
Initial run of this gives the following error
2021-12-30 04:22:41 WARNING no routes defined!
2021-12-30 04:22:41 WARNING not starting unused module reading_integer_id
2021-12-30 04:22:41 INFO nxlog-4.10.5008-trial started
2021-12-30 04:22:50 WARNING stopping nxlog service
2021-12-30 04:22:51 WARNING nxlog received a termination request signal, exiting.