Use case of Side Car Collector with Mutliple Inputs

Hi Folks,

I have few questions, probably weird ones.

Currently, I have 1 pair of output and input under side-car collector configuration to index specific windows security logs. I am wondering what would be the use case where you have multiple inputs of nxlog under single side-car collector. Can I add another nxlog input for file input under same config?
Is it possible? How would it work? Would nxlog.conf be updated using multiple nxlog inputs under same collector config?

Also, my nxlog is managed by side-car collector, I am wondering if i have to add more functions to the nxlog config how would i go about doing it while still using side car. I don’t see much options to add more functions to nxlog using side car.

For indexing csv file or log file, out of 2 nxlog and filebeat, which one is better?

As always, thanks to all the awesome folks for being always helpful.

Cheers,
Navdeep

Yes. Having several inputs in nxlog configuration, where nxlog is controlled by collector sidecar, is typical.

For example: for retrieving both Windows eventlogs and DHCP server logs from the same server. Or some other application logs.

Thanks Jtkarvo, could you plz comment on other questions as well.

Cheers

I don’t really know what the different things on the side car configuration page are. I have just used the configuration snippet to write directly the nxlog configuration file. I have no experience on filebeat.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.