Remote Unix TextLog Receiver

Definition

Protocol

SSH

 

 

Description

Log into remote Unix Host using ssh Login, read lines from the end of FileName and set application name to Application.

 

 

Comments

If Host, Login or FileName are missing, blank or invalid, disable the reader.

Each generated event has the following fields with their respective values:

Event Field Contents
ev:host value of Host parameter
ev:app value of Application parameter - default is RemoteUnixReader
ev:log value of FileName parameter

ev:msg

last read line

 

Example

<source  objectId="RemoteLinuxLog-localhost" stdout="ProcessInput-Stack" type="RemoteUnixTextLogReceiver">
	<parameter type="Host">192.168.0.100</parameter>
	<parameter type="Login">
		<user>root</user>
		<password>b3A1b3R461</password>
	</parameter>
	<parameter type="FileName">/var/log/messages</parameter>
	<parameter type="Application">RemoteLinuxLog</parameter>
</source>