NXLog Documentation

nxlog-processor(8)

NAME

nxlog-processor - performs batch log processing

SYNOPSIS

nxlog-processor [-c conffile] [-v]

DESCRIPTION

The nxlog-processor tool is similar to the NXLog daemon and uses the same configuration file. However, it runs in the foreground and exits after all input log data has been processed. Common input sources are files and databases. This tool is useful for log processing tasks such as:

  • loading a group of files into a database,

  • converting between different formats,

  • testing patterns,

  • doing offline event correlation, or

  • checking HMAC message integrity.

While the details provided here apply to NXLog installations on Linux and other UNIX-style operating systems in particular, a few Windows-specific notes are included.

OPTIONS

-c conffile, --conf conffile

Specify an alternate configuration file conffile.

-h, --help

Print help.

-v, --verify

Verify configuration file syntax.

FILES

/opt/nxlog/bin/nxlog-processor

The main NXLog-processor executable

/opt/nxlog/bin/nxlog-stmnt-verifier

This tool can be used to check NXLog Language statements. All statements are read from standard input and then validated. If a statement is invalid, the tool prints an error to standard error and exits non-zero.

/opt/nxlog/etc/nxlog.conf

The default configuration file

/opt/nxlog/spool/nxlog/configcache.dat

This is the position cache file where positions are saved. To disable position caching, as may be desirable when using nxlog-processor, set the NoCache directive to TRUE.

ENVIRONMENT

To access environment variables in the NXLog configuration, use the envvar directive.

Copyright © NXLog Ltd. 2022

The NXLog Community Edition is licensed under the NXLog Public License. The NXLog Enterprise Edition is not free and has a commercial license.