adsense_main_top_wide


fluentd iis splitter cheap_server

nxlog.conf

## This is a sample configuration file. See the nxlog reference manual about the
## configuration options. It should be installed locally and is also available
## online at http://nxlog.org/nxlog-docs/en/nxlog-reference-manual.html

## Please set the ROOT to the folder your nxlog was installed into,
## otherwise it will not start.

#define ROOT C:\Program Files\nxlog
define ROOT C:\Program Files (x86)\nxlog

Moduledir %ROOT%\modules
CacheDir %ROOT%\data
Pidfile %ROOT%\data\nxlog.pid
SpoolDir %ROOT%\data
LogFile %ROOT%\data\nxlog.log

#<Extension _syslog>
#    Module      xm_syslog
#</Extension>



<Input iislog>

    Module    im_file
    File    "C:\\nxlog\\logs*"

    SavePos FALSE
    ReadFromLast FALSE
 
    Exec if $raw_event =~ /^#/ drop();
 
</Input>


<Output out>
    Module      om_tcp
    Host        SERVER IP
    Port        SERVER PORT
</Output>

<Route 1>
    Path        iislog => out
</Route>


splitter


<source>

    type tcp

    format /^(?<time>[^ ]* [^ ]*) (?<ssitename>[^ ]*) (?<scomname>[^ ]*) (?<sip>[0-9.]*) (?<csmethod>[^ ]*) (?<csuristem>[^ ]*) (?<csuriquery>[^ ]*) (?<sport>[0-9]*) (?<csusername>[^ ]*) (?<cip>[0-9.]*) (?<csver>[^ ]*) (?<csua>[^ ]*) (?<ccook>[^ ]*) (?<csref>[^ ]*) (?<cshost>[^ ]*) (?<scstatus>[0-9]*) (?<scsubstatus>[0-9]*) (?<scwin32status>[0-9.]*) (?<scbyt>[0-9]*) (?<csbyt>[0-9]*) (?<timetaken>[0-9]*)/

    time_format %Y-%m-%d %H:%M:%S



</source>
 




adsense

이 이글루를 링크한 사람 (화이트)

33