Hello,
I'm collecting with nxlog many log files from various processes, and they
are sent via TCP on a central nxlog server (reachable only through one IP
and one port). For all messages sent, I add the name of the original
process at the beginning of the message, something like :
#--Process1--#.....
#--Process2--#.....
That means on central server I have/receive a big log file with messages
from all my processes. This is working very well.
Now I want to split that big log file in as much log files than processes
by using nxlog. I tried to do filtering and to use rotate_to but it doesn't
work. Here is what I tried :
...
<Input Local_In>
Module im_file
File ("%OUTDIR%\\nxlog_CentralLogFile_"+ strftime(now(),
"%Y%m%d")+".txt")
SavePos TRUE
ReadFromLast FALSE
InputType multiline
</Input>
<Output Local_Out>
Module om_file
File ("%OUTDIR%\\temp_"+ strftime(now(), "%Y%m%d")+".txt")
Exec if $raw_event =~ /^#-----PROCESS1------#/ \
{ \
rotate_to ("%OUTDIR%\\PROCESS1_"+ strftime(now(),
"%Y%m%d")+".txt"); \
} \
if $raw_event =~ /^#-----PROCESS2------#/ \
{ \
rotate_to ("%OUTDIR%\\PROCESS2_"+ strftime(now(),
"%Y%m%d")+".txt"); \
} \
</Output>
...
Do you have some advice to proceed that task please ? or maybe I'm totally
on the wrong way ?
Thank you for your Help,
Oliver
------------------------------------------------------------------------------
Android is increasing in popularity, but the open development platform that
developers love is also attractive to malware creators. Download this white
paper to learn more about secure code signing practices that can help keep
Android apps secure.
http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk
_______________________________________________
nxlog-ce-users mailing list
nxlog-ce-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nxlog-ce-users
