ConsumeWindowsEventLog

Description:

Registers a Windows Event Log Subscribe Callback to receive FlowFiles from Events on Windows. These can be filtered via channel and XPath.

Additional Details...

Tags:

ingest, event, windows

Properties:

In the list below, the names of required properties appear in bold. Any other properties (not in bold) are considered optional. The table also indicates any default values.

NameDefault ValueAllowable ValuesDescription
ChannelSystemThe Windows Event Log Channel to listen to.
XPath Query*XPath Query to filter events. (See https://msdn.microsoft.com/en-us/library/windows/desktop/dd996910(v=vs.85).aspx for examples.)
Maximum Buffer Size1048576The individual Event Log XMLs are rendered to a buffer. This specifies the maximum size in bytes that the buffer will be allowed to grow to. (Limiting the maximum size of an individual Event XML.)
Maximum queue size1024Events are received asynchronously and must be output as FlowFiles when the processor is triggered. This specifies the maximum number of events to queue for transformation into FlowFiles.

Relationships:

NameDescription
successRelationship for successfully consumed events.

Reads Attributes:

None specified.

Writes Attributes:

NameDescription
mime.typeWill set a MIME type value of application/xml.

State management:

This component does not store state.

Restricted:

This component is not restricted.

Input requirement:

This component does not allow an incoming relationship.