Commit 386ee775 authored by NXLog CI User's avatar NXLog CI User

New Config Samples

parent 3a3fd9ad
include_stdout /opt/nxset/etc/fetch_conf.sh
\ No newline at end of file
<Exec>
log_info("first");
log_info("second");
</Exec>
\ No newline at end of file
# Global section
User nxlog
Group nxlog
# Modules section
<Input in>
Module im_null
</Input>
<Output out>
Module om_null
</Output>
# Route section
<Route r>
Path in => out
</Route>
\ No newline at end of file
define ACTION log_warning("dropping message"); drop();
<Input in>
Module im_file
File '/var/log/messages'
Exec if $raw_event =~ /dropme/ %ACTION%
</Input>
\ No newline at end of file
include /opt/nxlog/etc/nxlog.d/*.conf
\ No newline at end of file
include C:\Program Files\nxlog\conf\nxlog.d\\*.conf
\ No newline at end of file
include_stdout /opt/nxlog/etc/fetch_conf.sh
\ No newline at end of file
include /opt/nxlog/etc/syslog.conf
\ No newline at end of file
<Input instancename>
Module im_module
...
</Input>
\ No newline at end of file
<Input in1>
Module im_null
</Input>
<Input in2>
Module im_null
</Input>
<Output out1>
Module om_null
</Output>
<Output out2>
Module om_null
</Output>
\ No newline at end of file
<Route r>
Path in1, in2 => out1, out2
</Route>
\ No newline at end of file
<Route example>
Path in1, in2 => proc => out1, out2
</Route>
\ No newline at end of file
Exec if $Message =~ /something interesting/ \
log_info("found something interesting"); \
else \
log_debug("found nothing interesting");
\ No newline at end of file
<Input audit>
Module im_linuxaudit
Module im_linuxaudit
FlowControl FALSE
<Rules>
# Watch /etc/passwd for modifications and tag with 'passwd'
-w /etc/passwd -p wa -k passwd
......
<Input audit>
Module im_linuxaudit
FlowControl FALSE
LoadRule 'im_linuxaudit_*.rules'
</Input>
\ No newline at end of file
<Input audit>
Module im_linuxaudit
FlowControl FALSE
LoadRule '/opt/nxlog/etc/audit.rules'
</Input>
\ No newline at end of file
<Input audit>
Module im_linuxaudit
Module im_linuxaudit
FlowControl FALSE
<Rules>
# Delete all rules (This rule has no affect; it is performed
# automatically by im_linuxaudit)
......
User nxlog
Group nxlog
\ No newline at end of file
INSTANCE_MODE=distributed-manager
\ No newline at end of file
[mysqld]
max_allowed_packet = 256M
\ No newline at end of file
[client]
password=
\ No newline at end of file
SELINUX=permissive
\ No newline at end of file
127.0.1.1 myname.example.com myname
\ No newline at end of file
define BASE /opt/nxlog_new
define CERTDIR %BASE%/var/lib/nxlog/cert
define CONFDIR %BASE%/var/lib/nxlog
define LOGDIR %BASE%/var/log/nxlog
define LOGFILE "%LOGDIR%/nxlog.log"
SpoolDir %BASE%/var/spool/nxlog
# default values:
PidFile %BASE%/var/run/nxlog/nxlog.pid
CacheDir %BASE%/var/spool/nxlog
ModuleDir %BASE%/lib/nxlog/modules
\ No newline at end of file
<ACL conf>
Directory /var/run/nxlog/configs
AllowRead TRUE
AllowWrite TRUE
</ACL>
\ No newline at end of file
<ACL conf>
Directory /var/run/nxlog/configs
AllowRead TRUE
AllowWrite TRUE
</ACL>
\ No newline at end of file
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment