Windows XML Event Log (EVTX) parser
Available in AxoSyslog version 4.5 and later.
The new windows-eventlog-xml-parser() can parse messages in the Windows XML Event Log (EVTX) format.
Example configuration:
parser p_win {
windows-eventlog-xml-parser(prefix(".winlog."));
};
The windows-eventlog-xml-parser() parser has the same parameters are the same as the xml() parser.
Don’t forget to include the parsers in a log statement to actually use it:
log {
source(s_local);
parser(windows-eventlog-xml-parser(prefix(".winlog.")));
destination(d_local);
};
Last modified December 18, 2024: Merge pull request #90 from axoflow/minor-fixes-241218 (68cd7df)