Hi Mehmat,
i apologize for the late respond.
Thank you very much for the nice example. :)
if i am using catailna.out or simple log file then which pattern i should
use for the logging ?
:)
On Wednesday, December 16, 2015 at 2:25:18 AM UTC+5:30, Mehmet Ali
Büyükkarakaş wrote:
>
> Hello Amit.
>
> This is a working NXLOG configuration. You can use this as example.
> Cheers.
>
> Mehmet
>
> ########################################
> # Global directives #
> ########################################
> User root
> #User nxlog
> Group nxlog
>
> LogFile /var/log/nxlog/nxlog.log
> LogLevel INFO
>
> ########################################
> # Modules #
> ########################################
>
> <Extension gelf>
> Module xm_gelf
> </Extension>
>
> <Input in1>
> Module im_file
> File "/var/log/messages"
> SavePos TRUE
> </Input>
>
> <Input access_log>
> Module im_file
> File "/var/log/httpd/access_log"
> Exec if $raw_event =~ /^(\S+) (\S+) (\S+) \[([^\]]+)\] \"(\S+)
> (.+) HTTP.\d\.\d\" (\d+) (\d+) \"([^\"]+)\" \"([^\"]+)\"/\
> { \
> $Hostname = $1; \
> if $3 != '-' $AccountName = $3; \
> $EventTime = parsedate($4); \
> $HTTPMethod = $5; \
> $HTTPURL = $6; \
> $HTTPResponseStatus = $7; \
> $FileSize = $8; \
> $HTTPReferer = $9; \
> $HTTPUserAgent = $10; \
> }
> </Input>
>
> <Output graylog_out>
> Module om_udp
> Host 192.168.100.111
> Port 12201
> OutputType GELF_UDP
> </Output>
>
>
> ########################################
> # Routes #
> ########################################
> <Route 1>
> Path in1 => graylog_out
> </Route>
>
> <Route 2>
> Path access_log => graylog_out
> </Route>
>
>
> On Monday, December 14, 2015 at 7:49:04 PM UTC+2, Amit Sharma wrote:
>>
>> HI,
>>
>> I am trying to get logs from tomcat through nxlog.
>>
>> can you please suggest what changes i need to make in config file of
>> nxlog.conf ?
>>
>> Linux - Centos 6.6
>> tomcat logs file location - /vol1/apache-tomcat-8.0.15/logs/catalina.out
>> graylog host - lb01-graylog
>> port - lb01-graylog
>>
>>
>>
>> ## This is a sample configuration file. See the nxlog reference manual
>> about the
>> ## configuration options. It should be installed locally under
>> ## /usr/share/doc/nxlog-ce/ and is also available online at
>> ## http://nxlog.org/docs
>>
>> ########################################
>> # Global directives #
>> ########################################
>> User nxlog
>> Group nxlog
>>
>> LogFile /var/log/nxlog/nxlog.log
>> LogLevel INFO
>>
>> ########################################
>> # Modules #
>> ########################################
>> <Extension _syslog>
>> Module xm_syslog
>> </Extension>
>>
>> <Input in1>
>> Module im_udp
>> Port 514
>> Exec parse_syslog_bsd();
>> </Input>
>>
>> <Input in2>
>> Module im_tcp
>> Port 514
>> </Input>
>>
>> <Output fileout1>
>> Module om_file
>> File "/var/log/logmsg.txt"
>> Exec if $Message =~ /error/ $SeverityValue =
>> syslog_severity_value("error");
>> Exec to_syslog_bsd();
>> </Output>
>>
>> <Output fileout2>
>> Module om_file
>> File "/var/log/logmsg2.txt"
>> </Output>
>>
>> ########################################
>> # Routes #
>> ########################################
>> <Route 1>
>> Path in1 => fileout1
>> </Route>
>>
>> <Route tcproute>
>> Path in2 => fileout2
>> </Route>
>>
>>
--
You received this message because you are subscribed to the Google Groups
"Graylog Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/graylog2/cf9560fd-7aef-4566-9e00-ff2c0018d1ff%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
