- Overview
- Module Description - What the module does and why it is useful
- Setup - The basics of getting started with nxlog
- Usage - Configuration options and additional functionality
- Reference - An under-the-hood peek at what the module is doing and how
- Limitations - OS compatibility, etc.
- Development - Guide for contributing to the module
This module manages the installation and configuration of nxlog community edition on windows hosts.
This module manages the installation and configuration of nxlog community edition on Windows hosts. A common use case is to use this to ship off logs to something like splunk, or logstash.
Manages the following
- nxlog config files
- nxlog inputs
- nxlog outputs
- nxlog routes
- nxlog-ce package installation
- nxlog.conf
- nxlog inputs
- nxlog outputs
- nxlog routes
Including the base class will handle the installation of nxlog but doesn't do much else on its own.
include nxlog
Include the base class and any inputs, outputs, and routes.
include nxlog
nxlog::input {'eventlogs':
input_name => 'eventlogs',
input_module => 'im_msvistalog',
query => '<QueryList><Query Id="0"><Select Path="Security">*</Select></Query>y</QueryList>',
}
nxlog::output {'out':
output_name => 'out',
output_module => 'om_tcp',
output_host => '192.168.1.1',
output_port => '514',
output_exec => 'to_syslog_snare();',
}
# must route to existing output defined above
nxlog::route {'route1':
route_name => 'route1',
route_path => 'eventlogs => out',
}
For more details on the use of nxlog and its parameters please view the documentation
nxlog
nxlog::confignxlog::paramsnxlog::servicenxlog::install
nxlog::inputnxlog::outputnxlog::route
This is the main class. It will install nxlog and manage the service.
root: Sets the root install path in nxlog.conf- Default:
"C:\\Program Files (x86)\\nxlog"
- Default:
module_dir: By default the nxlog binaries have a compiled-in value for the directory to search for loadable modules. This can be overrridden with this directive. The module directory contains subdirectories for each module type (extension, input, output, processor) and the module binaries are located in those.- Default:
%ROOT%\modules
- Default:
cache_dir: Specifies where the cache file is written to- Default:
%ROOT\data
- Default:
pid_file: Directive has no effect on Windows- Default:
%ROOT%\data\nxlog.pid
- Default:
spool_dir: nxlog will change its working directory to the value specified with this directive. This is useful with files created through relative filenames, e.g. with om_file and in case of core dumps. This directive has no effect with the nxlog-processor.- Default:
%ROOT%\data
- Default:
log_file: Specifies where nxlog will write its internal log file- Default:
%ROOT%\data\nxlog.log
- Default:
input_name: Required What the input is called. This is how it will be referenced in route directives- Default: undef
input_module: Required What nxlog module the input will use.- Default: undef
query: Optional- Default: undef
output_name: Required What the output will be called.- Default: undef
output_module: Required What nxlog module the output will use.- Default: undef
output_host: Required Hostname or IP of the output destination host.- Default: undef
output_port: Required Destination port- Default: undef
output_exec: Required- Default: undef
route_name: Required What the route will be called.- Default: undef
route_path: Required How the data will be route. Should take the form ofinput_name => output_name. Input_names should be comma separated when there is more than one.- Default: undef
route_priority: optional- Default: undef
I welcome all contributions and appreciate pull requests.