使用阿里云日志服务Logtail插件采集Windows系统事件日志和IIS日志 Logtail插件配置

Logtail插件配置

{
  "inputs": [
    {
      "detail": {
        "Name": "Application",
        "IgnoreOlder": 259200
      },
      "type": "service_wineventlog"
    },
    {
      "detail": {
        "Name": "Security",
        "IgnoreOlder": 259200
      },
      "type": "service_wineventlog"
    },
    {
      "detail": {
        "Name": "Setup",
        "IgnoreOlder": 259200
      },
      "type": "service_wineventlog"
    },
    {
      "detail": {
        "Name": "System",
        "IgnoreOlder": 259200
      },
      "type": "service_wineventlog"
    }
  ]
}

W3C格式 IIS配置字段

logExtFileFlags="Date, Time, ClientIP, UserName, ServerIP, ServerPort, Method, UriStem, UriQuery, HttpStatus, Win32Status, TimeTaken, UserAgent, Referer"