Hi,
We have a bespoke application that runs exclusivly on Windows Servers that writes errors and messages to text files saved in a directory - c:\customapplogs
Is it possilbe to parse these custom text files into Graylog please so they are viewable from a web console and configure alerting via email to relevant dev’s?
Thanks in advance
Hi ftl,
This is what we do with NXlog and preferable in GELF format as we went stuck on sending plain text. On the Graylog side you configure a GELF TCP port. (or udp if you require that)
Your nxlog config could look like this:
Panic Soft
#NoFreeOnExit TRUE
define ROOT C:\Program Files\nxlog
define CERTDIR %ROOT%\cert
define CONFDIR %ROOT%\conf
define LOGDIR %ROOT%\data
define LOGFILE %LOGDIR%\nxlog.log
LogFile %LOGFILE%
Moduledir %ROOT%\modules
CacheDir %ROOT%\data
Pidfile %ROOT%\data\nxlog.pid
SpoolDir %ROOT%\data
<Extension gelf>
Module xm_gelf
ShortMessageLength 65536
</Extension>
<Extension multiline>
Module xm_multiline
HeaderLine /^[0-9]{4}-[0-9]{2}-[0-9]{2}.[0-9]{2}:[0-9]{2}:[0-9]{2}.[0-9]{3}(.*)/
(this makes it possible to have multiline events in one message triggering on the timestamp in your logfile as first line, adjust this to your needs)
$raw_event = $1;
</Extension>
<Input application_log>
Module im_file
InputType multiline
File "R:\logs\yourlogfile.log"
</Input>
<Output tcp>
Module om_tcp
Host <ip graylog server>
Port < the port you want on graylog>
OutputType GELF_TCP
</Output>
<Route messages_to_tcp>
Path application_log => tcp
</Route>
Kind greetings,
Arie
thankyou for the detailed reply Arie
Will look into this
Regards
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.