This module initiates a TCP connection to a remote host and transfers log messages. Or, in Listen mode, this module accepts client connections and multiplexes data to all connected clients. The TCP transfer protocol provides more reliable log transmission than UDP. If security is a concern, consider using the om_ssl module instead.
This optional directive may be used to specify a whitelist of IP addresses and/or networks that are allowed to connect. The directive can be specified more than once to add different IPs or networks to the whitelist. This directive is only active when the Listen or ListenAddr directives are present. In the absence of this directive, there is no restriction on the hosts which may connect to a listening module. The following formats may be used:
0.0.0.0/32(IPv4 network with subnet bits)
0.0.0.0/0.0.0.0(IPv4 network with subnet address)
aa::12/64(IPv6 network with subnet bits)
The module connects to the IP address or hostname defined in this directive. If additional hosts are specified on new lines, the module works in a failover configuration. If a destination becomes unavailable, the module automatically fails over to the next one. If the last destination becomes unavailable, the module fails over to the first destination.
The port number can be defined by appending it at the end of the hostname or IP address using a colon as a separator (
host:port). For each destination with no port number defined here, the port number specified in the Port directive is used. Port numbers defined here take precedence over any port number defined in the Port directive. The default port is 514.
The module listens for connections on this IP address or DNS hostname. The default is
localhost. Add the port number to listen on to the end of a host using a colon as a separator (
To listen on multiple addresses or ports in a single module instance, this directive can be repeated multiple times. Both IPv4 and IPv6 addresses are supported. If a DNS name is used, the number of addresses or cnames should be kept below 16 to avoid potential issues caused by DNS response size limits.
For client applications that don’t support IPv6, to avoid the behavior
described above the
Alternatively, the server-side system may be configured to prioritize IPv4
addresses for the hostname specified by the
For more information see the Microsoft documentation on Configuring IPv6 in Windows for advanced users.
This limitation will be addressed in a future release by making listening modules bind to all available IPv4/IPv6 addresses that a hostname resolves to.
The module connects to the port number on the destination host defined in this directive. This configuration is only used for any destination that does not have a port number specified in the Host directive. If no port is configured for a destination in either directive, the default port is used, which is port
514. Alternatively, if Listen is set to TRUE, the module listens for connections on this port.
|The Port directive will become deprecated from NXLog EE 6.0. After that, the port can only be defined in the Host directive.|
|The Listen directive will become deprecated from NXLog EE 6.0. Use either Host for connect mode or ListenAddr for listen mode.|
This optional directive specifies the local port number of the connection. This directive only applies if Listen is set to FALSE. If this is not specified, a random high port number will be used, which is not always ideal in firewalled network environments.
Due to the required
If set to TRUE, this boolean directive specifies that events should be queued if no client is connected. If this module’s buffer becomes full, the preceding module in the route will be paused or events will be dropped, depending on whether FlowControl is enabled. This directive only applies if Listen is set to TRUE. The default is FALSE: om_tcp will discard events if no client is connected.
This optional directive sets the reconnect interval in seconds. If it is set, the module attempts to reconnect in every defined second. If it is not set, the reconnect interval will start at 1 second and doubles with every attempt. If the duration of the successful connection is greater than the current reconnect interval, then the reconnect interval will be reset to 1 sec.
The Reconnect directive must be used with caution. If it is used on multiple systems, it can send reconnect requests simultaneously to the same destination, potentially overloading the destination system. It may also cause NXLog to use unusually high system resources or cause NXLog to become unresponsive.
This boolean directive is used to turn off the network optimization performed by Nagle’s algorithm. Nagle’s algorithm is a network optimization tweak that tries to reduce the number of small packets sent out to the network, by merging them into bigger frames, and by not sending them to the other side of the session before receiving the ACK. If this directive is unset, the TCP_NODELAY socket option will not be set.
The following procedures are exported by om_tcp.
Force a reconnection. This can be used from a Schedule block to periodically reconnect to the server.
The reconnect() procedure must be used with caution.
If configured, it can attempt to reconnect after every event sent, potentially overloading the destination system.
Pre-v5 syntax examples are included, they will become invalid with NXLog EE 6.0.
With this configuration, NXLog will read log messages from socket and forward them via TCP.
<Input uds> Module im_uds UDS /dev/log </Input> <Output tcp> Module om_tcp Host 192.168.1.1:1514 </Output> # Using the syntax prior to NXLog EE 5, # where the port is defined in a separate directive. #<Output tcp> # Module om_tcp # Host 192.168.1.1 # Port 1514 #</Output> <Route uds_to_tcp> Path uds => tcp </Route>
This configuration sends logs via TCP in a failover configuration (multiple Hosts defined).
<Output tcp> Module om_tcp Host 192.168.1.2:1514 Host 192.168.1.3:1234 Host example.com:1234 </Output>