fluent-plugin-parser-winevt_xml
Component
Fluentd Parser plugin for XML rendered Windows EventLogs
Fluentd plugin to parse XML rendered Windows Event Logs.
Installation
gem install fluent-plugin-parser-winevt_xml
Configuration
parser_winevt_xml
<parse>
@type winevt_xml
preserve_qualifiers true
</parse>
preserve_qualifiers
Preserve Qualifiers key instead of calculating actual EventID with Qualifiers. Default is true
.
parser_winevt_sax
This plugin is a bit faster than winevt_xml
.
<parse>
@type winevt_sax
preserve_qualifiers true
</parse>
preserve_qualifiers
Preserve Qualifiers key instead of calculating actual EventID with Qualifiers. Default is true
.
Copyright
Copyright
Copyright(C) 2019- Hiroshi Hatake, Masahiro Nakagawa
License
Apache License, Version 2.0