TCP (om_tcp)
This module initiates a TCP connection to a remote host and transfers log messages. Or, in Listen mode, this module accepts client connections and multiplexes data to all connected clients. The TCP transfer protocol provides more reliable log transmission than UDP. If security is a concern, consider using the om_ssl module instead.
To examine the supported platforms, see the list of installer packages in the Available Modules chapter. |
Configuration
The om_tcp module accepts the following directives in addition to the common module directives. The Host or ListenAddr directive is required.
Required directives
The following directives are required for the module to start.
Use either Host for the connect or ListenAddr for the listen mode. |
The module connects to the IP address or hostname defined in this directive. If additional hosts are specified on new lines, the module works in a failover configuration. If a destination becomes unavailable, the module automatically fails over to the next one. If the last destination becomes unavailable, the module fails over to the first destination. The port number can be defined by appending it to the hostname or
IP address using a colon as a separator (
|
|||
The module listens for connections on this IP address or DNS hostname.
The default is To listen on multiple addresses or ports in a single module instance, this directive can be repeated multiple times. Both IPv4 and IPv6 addresses are supported. If a DNS name is used, the number of addresses or cnames should be kept below 16 to avoid potential issues caused by DNS response size limits. |
Listen-mode directives
The following directives are available when using the ListenAddr directive.
This optional directive can be used to allow IP addresses and/or networks to connect. The directive can be set multiple times to add different IPs or networks to allow. This directive is only active when the ListenAddr directive is present. In the absence of this directive, the BlockIP directive is considered. If both AllowIP and BlockIP are absent, then hosts are not restricted from connecting to a listening module. The following formats may be used for the AllowIP directive:
|
|||
This optional directive can be used to deny IP addresses and/or networks to connect. The directive can be set multiple times to add different IPs or networks to deny. This directive is only active when the ListenAddr directive is present. In the absence of this directive, the AllowIP directive is considered. If both AllowIP and BlockIP are absent, then hosts are not restricted from connecting to a listening module. The following formats may be used for the BlockIP directive:
|
|||
With this optional directive it is possible to set the maximum number of allowed concurrent/active connections for a listening TCP socket.
If not specified, the default value is 2024-03-01 22:29:16 ERROR [im_tcp|in_tcp] Number of allowed active connections(10) reached: 10. Refusing connection from 127.0.0.1 |
|||
This optional directive defines the maximum time in seconds before NXLog closes TCP connections without traffic. The minimum timeout value is 15 seconds. If this directive is not specified, NXLog does not close idle TCP connections. |
|||
This optional boolean directive specifies whether the module instance should exclusively bind to the specified port.
The default value is
|
|||
This optional boolean directive determines whether the module instance should forcibly bind to a port already in use.
The default value is |
|||
This optional boolean directive specifies whether multiple om_tcp module instances can listen on the same port.
When you enable this directive, multiple instances run in a separate thread, allowing NXLog to process incoming logs simultaneously.
See the examples below.
The default value is
|
Optional directives
This optional directive specifies the local port number of the connection. This directive only applies if Listen is set to FALSE. If this is not specified, a random high port number will be used, which is not always ideal in firewalled network environments.
|
|||
See the OutputType directive in the list of common module directives. The default is LineBased_LF. |
|||
If set to |
|||
This optional directive sets the reconnect interval in seconds. If it is set, the module attempts to reconnect in every defined second. If it is not set, the reconnect interval will start at 1 second and double with every attempt. If the duration of the successful connection is greater than the current reconnect interval, then the reconnect interval will be reset to 1 sec.
|
|||
This boolean directive is used to turn off the network optimization performed by Nagle’s algorithm. Nagle’s algorithm is a network optimization tweak that tries to reduce the number of small packets sent out to the network, by merging them into bigger frames, and by not sending them to the other side of the session before receiving the ACK. If this directive is unset, the TCP_NODELAY socket option will not be set. |
TCP connections are kept alive by keep-alive packets. This feature is enabled by default and cannot be disabled. |
Procedures
The following procedures are exported by om_tcp.
reconnect();
-
Force a reconnection. This can be used from a Schedule block to periodically reconnect to the server.
The reconnect() procedure must be used with caution. If configured, it can attempt to reconnect after every event sent, potentially overloading the destination system.
Examples
With this configuration, NXLog will read log messages from a socket and forward them via TCP.
<Input uds>
Module im_uds
UDS /dev/log
</Input>
<Output tcp>
Module om_tcp
Host 192.168.1.1:1514
</Output>
<Route uds_to_tcp>
Path uds => tcp
</Route>
This configuration sends logs via TCP in a failover configuration (multiple Hosts defined).
<Output tcp>
Module om_tcp
Host 192.168.1.2:1514
Host 192.168.1.3:1234
Host example.com:1234
</Output>