https://github.com/fluent/fluent-plugin-parser-winevt_xml
Fluentd parser plugin to parse XML-rendered Windows Event Logs.
eventlog fluentd fluentd-parser-plugin fluentd-plugin windows
Last synced: 8 months ago
- Host: GitHub
- URL: https://github.com/fluent/fluent-plugin-parser-winevt_xml
- Owner: fluent
- License: apache-2.0
- Created: 2019-10-09T09:54:38.000Z (over 6 years ago)
- Default Branch: master
- Last Pushed: 2025-03-31T07:13:12.000Z (11 months ago)
- Last Synced: 2025-06-08T16:08:32.931Z (9 months ago)
- Topics: eventlog, fluentd, fluentd-parser-plugin, fluentd-plugin, windows
- Language: Ruby
- Homepage:
- Size: 44.9 KB
- Stars: 2
- Watchers: 12
- Forks: 6
- Open Issues: 1
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# fluent-plugin-parser-winevt_xml
## Component
### Fluentd Parser plugin for XML rendered Windows EventLogs
[Fluentd](https://www.fluentd.org/) plugin to parse XML rendered Windows Event Logs.
### Installation
```
gem install fluent-plugin-parser-winevt_xml
```
## Configuration
### parser_winevt_xml
```aconf
@type winevt_xml
preserve_qualifiers true
```
#### preserve_qualifiers
Preserve the `Qualifiers` key in the record instead of using Qualifiers to calculate the actual EventID. Default is `true`.
### parser_winevt_sax
This plugin is a bit faster than `winevt_xml`.
```aconf
@type winevt_sax
preserve_qualifiers true
```
#### preserve_qualifiers
Preserve the `Qualifiers` key in the record instead of using Qualifiers to calculate the actual EventID. Default is `true`.
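What `preserve_qualifiers` (documented above for both `winevt_xml` and `winevt_sax`) means for a downstream detection rule, as an added Ruby example that is not the plugin's own code. `event_id_fields` and `event_code` are hypothetical helpers, the two events are constructed, and the combined value assumes the Windows legacy layout in which Qualifiers forms the high 16 bits of the 32-bit event identifier.

```ruby
require "rexml/document"

# Constructed sample events (System element trimmed to the fields used here).
WITH_QUALIFIERS = <<~XML
  <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <System>
      <Provider Name="Service Control Manager"/>
      <EventID Qualifiers="16384">7036</EventID>
    </System>
  </Event>
XML

WITHOUT_QUALIFIERS = <<~XML
  <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    <System>
      <Provider Name="Microsoft-Windows-Security-Auditing"/>
      <EventID>4624</EventID>
    </System>
  </Event>
XML

# Hypothetical helper, not the plugin's API: builds the EventID-related part
# of a record for either value of preserve_qualifiers.
def event_id_fields(xml, preserve_qualifiers: true)
  elem = REXML::Document.new(xml).root.find_first_recursive { |e| e.name == "EventID" }
  return {} if elem.nil?

  id = elem.text.to_s.strip
  qualifiers = elem.attributes["Qualifiers"]
  # No Qualifiers attribute: nothing to preserve or to combine.
  return { "EventID" => id } if qualifiers.nil? || qualifiers.empty?
  return { "EventID" => id, "Qualifiers" => qualifiers } if preserve_qualifiers

  # Assumption: Qualifiers is the high 16 bits of the 32-bit legacy identifier.
  combined = ((qualifiers.to_i & 0xffff) << 16) | (id.to_i & 0xffff)
  { "EventID" => combined.to_s }
end

# The low 16 bits are the event code a detection rule can match in both modes.
def event_code(fields)
  fields["EventID"].to_i & 0xffff
end
```

Under that assumption, a rule that matches `EventID` 7036 literally sees 1073748860 when `preserve_qualifiers` is `false`; masking to the low 16 bits matches in both modes.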
## Copyright
### Copyright
Copyright(C) 2019- Hiroshi Hatake, Masahiro Nakagawa
### License
Apache License, Version 2.0