Hello, Did you add the windows-event-log nar to your MiNiFi distribution? This is not a bundle that is automatically included. The log is creating a ghost implementation as it cannot find a backing implementation for that component coordinate. This is likely the best approach but you will need to augment the standard minifi distribution to also support this functionality.
As far as your second approach, this is unlikely to be the result you are looking for. To the best of my knowledge, the evtx format is a format that would not lend itself well to the appended log format TailFile is expecting. On Thu, Nov 1, 2018 at 12:23 PM Jagan <[email protected]> wrote: > Hi all... > > I am trying to fetch remote windows server event logs in two ways > 1.by installing minifi agent on the remote server and then created a > minifi > config.yml with ConsumeWindowsEventLog processor and Remote process group > > after that I have started minifi agent where ConsumeWindowsEventLog > processor able to read logs from windows event log but was not able to send > them to Remote process group here messages are getting queued and not > reaching Remote process group > > where I have seen following error in minifi agent logs > > 2018-10-31 21:02:36,690 WARN [main] org.apache.nifi.minifi.FlowEnricher > Could not find any eligible bundles for > org.apache.nifi.processors.windows.event.log.ConsumeWindowsEventLog. > Automatic start of the flow cannot be guaranteed. > 2018-10-31 21:02:41,011 WARN [main] o.a.n.c.StandardFlowSynchronizer Schema > validation error parsing Flow Configuration at line 16, col 27: > cvc-complex-type.2.4.a: Invalid content was found starting with element > 'maxConcurrentTasks'. One of '{bundle}' is expected. > 2018-10-31 21:02:41,489 ERROR [main] > o.apache.nifi.controller.FlowController > Could not create Processor of type > org.apache.nifi.processors.windows.event.log.ConsumeWindowsEventLog for ID > 2b67acce-9365-3433-0000-000000000000; creating "Ghost" implementation > org.apache.nifi.controller.exception.ProcessorInstantiationException: > Unable > to find bundle for coordinate default:unknown:unversioned at > > org.apache.nifi.controller.FlowController.instantiateProcessor(FlowController.java:1271) > > please suggest me how can I overcome this error... > and the second method is > > 2..by installing minifi agent on the remote server and then created a > minifi > config.yml with tailfile processor and Remote process group > here I am specifying the file location of > Application.evtx(C:\Windows\System32\winevt\Logs\Application.evtx > ) > > will this method work for fetching remote windows server event logs because > when I try this I got no response from tail file processor > > and please suggest me if there are better ways to do this > > Thank you all... > > > > -- > Sent from: http://apache-nifi-developer-list.39713.n7.nabble.com/ >
