Nxlog configuration, dropping logs from local host on IIS

Help Center Logpoint Docs Idea Portal Logpoint.com

Hi,

I can’t get this to work, maybe some of you have tried this before.

The drop line below works fine syntax wise, but my goal are to get rid of 127.0.0.1 logs, and when i remove the “!” it fails.

Help Are apprecierede

Regards Kai

<Input IIS1>
Module im_file
File "C:\\inetpub\\logs\\LogFiles\\W3SVC1\\u_ex*"
Exec if $MessageSourceAddress != "127.0.0.1" drop ();
ReadFromLast FALSE
Recursive TRUE
PollInterval 1
Exec $FileName = file_name();
Exec if $raw_event =~ /^#/ drop();\
else\
{\
w3c->parse_csv();\
$EventTime = $EventTime - (2 * 3600);\
$SourceName = "IIS";\
}
</Input>

Be the first to reply!

Reply

Sign up

Already a Partner or Customer? Login with your LogPoint Support credentials. Don‘t have a LogPoint Support account? Ask your local LogPoint Representative. Only visiting? Login with LinkedIn to gain read–access.

Login to the community

Already a Partner or Customer? Login with your LogPoint Support credentials. Don‘t have a LogPoint Support account? Ask your local LogPoint Representative. Only visiting? Login with LinkedIn to gain read–access.

Scanning file for viruses.

This file cannot be downloaded