Update NXLog to include om_http module

DataDog · Dec 12, 2024 · e5b1e9d · e5b1e9d
1 parent 1052d76
commit e5b1e9d
Showing 1 changed file with 19 additions and 188 deletions.
diff --git a/content/en/integrations/nxlog.md b/content/en/integrations/nxlog.md
@@ -10,7 +10,7 @@ doc_link: /integrations/nxlog/
 aliases:
     - /logs/log_collection/nxlog
 has_logo: true
-integration_title: nxlog
+integration_title: NXLog
 is_public: true
 dependencies:
     ['https://github.com/DataDog/documentation/blob/master/content/en/integrations/nxlog.md']
@@ -22,20 +22,19 @@ integration_id: "nxlog"
 
 ## Overview
 
-Configure NXLog to gather logs from your host, containers, & services.
+Configure NXLog to gather logs from your host, containers, and services.
 
 ## Setup
 
-### Log collection
+The following outlines the setup for log collection through [TCP](#log-collection-over-tcp) or [HTTP](#log-collection-over-http) endpoints and [NXLog TLS encryption](#nxlog-tls-encryption).
+
+### Log collection over TCP
 
 {{< site-region region="us3,us5,ap1,gov" >}}
   <div class="alert alert-warning">The TCP endpoint is not supported for your selected <a href="/getting_started/site">Datadog site</a> ({{< region-param key="dd_site_name" >}}). For a list of logging endpoints, see <a href="/logs/log_collection/?tab=tcp#additional-configuration-options">Log Collection and Integrations</a>.</div>
 {{< /site-region >}}
 
 
-{{< site-region region="us1,eu" >}}
-{{< tabs >}}
-{{% tab "TCP" %}}
 1. Configure NXLog to send your logs to your Datadog platform, replace the whole file in `C:\Program Files\nxlog\conf` by the following:
 
     ```conf
@@ -69,8 +68,8 @@ Configure NXLog to gather logs from your host, containers, & services.
     ##TCP output module
     <Output out>
         Module      om_tcp
-        Host        intake.logs.datadoghq.com
-        Port        10514
+        Host        {{< region-param key="web_integrations_endpoint" >}}
+        Port        {{< region-param key="tcp_endpoint_port" >}}
         Exec        to_syslog_ietf();
         Exec        $raw_event="<DATADOG_API_KEY> "+$raw_event;
     </Output>
@@ -118,34 +117,9 @@ Configure NXLog to gather logs from your host, containers, & services.
     Exec        $ddtags = 'env:test,<KEY>:<VALUE>';
     ```
 
-### NXLog TLS encryption
-
-1. Download the [CA certificate][1].
-
-2. Add the `om_ssl` module in your NXLog configuration to enable secure transfer over port 10516:
-
-    ```conf
-    <Output out>
-      Module  om_ssl
-      Host    intake.logs.datadoghq.com
-      Port    10516
-      Exec    to_syslog_ietf();
-      Exec    $raw_event="my_api_key " + $raw_event;
-      CAFile  <CERT_DIR>/ca-certificates.crt
-      AllowUntrusted FALSE
-    </Output>
-    ```
-
-[1]: /resources/crt/ca-certificates.crt
-
-{{< /site-region >}}
-
-{{< tabs >}}
-{{% tab "Datadog US site" %}}
+### Log collection over HTTP
 
-1. Configure NXLog to send your logs to your Datadog platform, replace the whole file in `C:\Program Files\nxlog\conf` by the following:
-
-    ```conf
+```conf
     ## Set the ROOT to the folder your nxlog was installed into,
     ## otherwise it won't start.
     #To change for your own system if necessary
@@ -173,57 +147,19 @@ Configure NXLog to gather logs from your host, containers, & services.
     #    Module      im_mseventlog
     </Input>
     ############ OUTPUTS ##############
-    ##TCP output module
+    ##HTTP output module
     <Output out>
-        Module      om_tcp
-        Host        intake.logs.datadoghq.com
-        Port        10514
+        Module      om_http
+        URL         {{< region-param key="http_endpoint" >}}
+        Port        {{< region-param key="http_port" >}}
         Exec        to_syslog_ietf();
         Exec        $raw_event="<DATADOG_API_KEY> "+$raw_event;
     </Output>
     ############ ROUTES TO CHOOSE #####
     <Route 1>
         Path        syslogs => out
     </Route>
-    ```
-
-     Do not forget to replace `<DATADOG_API_KEY>` in the format.
-
-2. Activate NXLog watchfile module for each file you want to monitor, add the following before the output section:
-
-    ```conf
-    ##Module to watch a file
-    <Input FILE_WATCH_1>
-      Module im_file
-      File "PATH\\TO\\YOUR\\FILE1"
-      Exec   $SourceName = '<MY_APPLICATION_NAME>';
-      SavePos TRUE
-
-      ##include the message and add meta data
-      Exec $Message = $raw_event;
-    </Input>
-    ```
-
-3. Make sure those files are plugged in the output section:
-
-    ```conf
-    <Route file1>
-        Path    FILE_WATCH_1,FILE_WATCH_2,... => out
-    </Route>
-    ```
-
-4. Restart NXLog. Open the service administrative tool:
-
-    ```text
-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Services.lnk
-    ```
-
-5. (Optional) Set extra parameters or tags. Add any specific attribute to your logs in each input section of your NXLog configuration file. For instance, to specify the source that is used in Datadog to identify the integration the logs come from, use:
-
-    ```conf
-    Exec        $ddsource = 'mysourcevalue';
-    Exec        $ddtags = 'env:test,<KEY>:<VALUE>';
-    ```
+```
 
 ### NXLog TLS encryption
 
@@ -234,8 +170,8 @@ Configure NXLog to gather logs from your host, containers, & services.
     ```conf
     <Output out>
       Module  om_ssl
-      Host    intake.logs.datadoghq.com
-      Port    10516
+      Host    {{< region-param key="web_integrations_endpoint" >}}
+      Port    {{< region-param key="tcp_endpoint_port" >}}
       Exec    to_syslog_ietf();
       Exec    $raw_event="my_api_key " + $raw_event;
       CAFile  <CERT_DIR>/ca-certificates.crt
@@ -244,116 +180,11 @@ Configure NXLog to gather logs from your host, containers, & services.
     ```
 
 [1]: /resources/crt/ca-certificates.crt
-{{% /tab %}}
-{{% tab "Datadog EU site" %}}
-
-1. Configure NXLog to send your logs to your Datadog platform, replace the whole file in `C:\Program Files\nxlog\conf` by the following:
-
-    ```conf
-    ## Set the ROOT to the folder your nxlog was installed into,
-    ## otherwise it won't start.
-    #To change for your own system if necessary
-    define ROOT C:\Program Files\nxlog
-    #define ROOT_STRING C:\Program Files\nxlog
-    #define ROOT C:\Program Files (x86)\nxlog
-    Moduledir %ROOT%\modules
-    CacheDir %ROOT%\data
-    Pidfile %ROOT%\data\nxlog.pid
-    SpoolDir %ROOT%\data
-    LogFile %ROOT%\data\nxlog.log
-    ##Extension to format the message in JSON format
-    <Extension json>
-        Module xm_json
-    </Extension>
-    ##Extension to format the message in syslog format
-    <Extension syslog>
-    Module xm_syslog
-    </Extension>
-    ########## INPUTS ###########
-    ##Input for windows event logs
-    <Input syslogs>
-        Module      im_msvistalog
-    ##For windows 2003 and earlier use the following:
-    #    Module      im_mseventlog
-    </Input>
-    ############ OUTPUTS ##############
-    ##TCP output module
-    <Output out>
-        Module      om_tcp
-        Host        tcp-intake.logs.datadoghq.eu
-        Port        1883
-        Exec        to_syslog_ietf();
-        Exec        $raw_event="<DATADOG_API_KEY> "+$raw_event;
-    </Output>
-    ############ ROUTES TO CHOOSE #####
-    <Route 1>
-        Path        syslogs => out
-    </Route>
-    ```
 
-     Do not forget to replace `<DATADOG_API_KEY>` in the format.
-
-2. Activate NXLog watchfile module for each file you want to monitor, add the following before the output section:
-
-    ```conf
-    ##Module to watch a file
-    <Input FILE_WATCH_1>
-      Module im_file
-      File "PATH\\TO\\YOUR\\FILE1"
-      Exec   $SourceName = '<MY_APPLICATION_NAME>';
-      SavePos TRUE
-
-      ##include the message and add meta data
-      Exec $Message = $raw_event;
-    </Input>
-    ```
-
-3. Make sure those files are plugged in the output section:
-
-    ```conf
-    <Route file1>
-        Path    FILE_WATCH_1,FILE_WATCH_2,... => out
-    </Route>
-    ```
-
-4. Restart NXLog. Open the service administrative tool:
-
-    ```text
-    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\Services.lnk
-    ```
-
-5. (Optional) Set extra parameters or tags. Add any specific attribute to your logs in each input section of your NXLog configuration file. For instance, to specify the source that is used in Datadog to identify the integration the logs come from, use:
-
-    ```conf
-    Exec        $ddsource = 'mysourcevalue';
-    Exec        $ddtags = 'env:test,<KEY>:<VALUE>';
-    ```
-
-### NXLog TLS encryption
-
-1. Download the [CA certificate][1]
-
-2. Add the `om_ssl` module in your NXLog configuration to enable secure transfer over port 443:
-
-    ```conf
-    <Output out>
-      Module  om_ssl
-      Host    intake.logs.datadoghq.com
-      Port    443
-      Exec    to_syslog_ietf();
-      Exec    $raw_event="my_api_key " + $raw_event;
-      CAFile  <CERT_DIR>/ca-certificates.crt
-      AllowUntrusted FALSE
-    </Output>
-    ```
-
-
-[1]: /resources/crt/ca-certificates.crt
-{{% /tab %}}
-{{< /tabs >}}
 
 ## Troubleshooting
 
-Need help? Contact [Datadog support][1].
+Need help? Contact [Datadog support][2].
 
-[1]: /help/
+[1]: /resources/crt/ca-certificates.crt
+[2]: /help/