NXLog Docs

WTMP (xm_wtmp)

This module provides a parser function to process binary wtmp files. The module registers a parser function using the name of the extension module instance. This parser can be used as a parameter for the InputType directive in input modules such as im_file.

To examine the supported platforms, see the list of installer packages in the Available Modules chapter.


The xm_wtmp module accepts only the common module directives.


Example 1. WTMP to JSON format conversion

The following configuration accepts WTMP and converts it to JSON.

<Extension wtmp>
    Module      xm_wtmp

<Extension json>
    Module      xm_json

<Input in>
    Module      im_file
    File        '/var/log/wtmp'
    InputType   wtmp
    Exec        to_json();

<Output out>
    Module      om_file
    File        '/var/log/wtmp.txt'

<Route processwtmp>
    Path        in => out
Output Sample
  "EventTime":"2013-10-01 09:39:59",
  "EventReceivedTime":"2013-10-10 15:40:20",
  "EventTime":"2013-10-01 23:23:38",
  "Device":"no device",
  "EventReceivedTime":"2013-10-11 10:58:00",