Logpoint Agent (Standalone) supports the following categories of modules:
Specialized log processing capabilities:
Module |
Purpose |
Documentation |
|---|---|---|
xm_admin |
Remote management |
|
xm_charconv |
Character set conversion |
|
xm_csv |
CSV parsing |
|
xm_fileop |
File operations |
|
xm_filelist |
File list operations |
|
xm_json |
JSON formatting |
|
xm_kvp |
Key-value pair processing |
|
xm_multiline |
Multiline parsing |
|
xm_pattern |
Pattern matching |
|
xm_perl |
Perl scripting |
|
xm_rewrite |
Event rewriting |
|
xm_syslog |
Syslog formatting |
|
xm_w3c |
W3C log format |
|
xm_xml |
XML processing |
Collect events from various sources:
Module |
Purpose |
Documentation |
|---|---|---|
im_batchcompress |
Batched compression input |
|
im_exec |
External program output |
|
im_file |
File-based log collection |
|
im_fim |
File integrity monitoring |
|
im_internal |
Internal agent logs |
|
im_kernel |
Kernel logs |
|
im_mark |
Periodic heartbeat |
|
im_msvistalog |
Windows Event Log |
|
im_null |
Null input for testing |
|
im_perl |
Perl-generated input |
|
im_regmon |
Windows Registry monitoring |
|
im_ssl |
TLS/SSL input |
|
im_tcp |
TCP input |
|
im_udp |
UDP input |
|
im_uds |
Unix domain sockets |
|
im_zmq |
ZeroMQ input |
Forward logs to destinations:
Module |
Purpose |
Documentation |
|---|---|---|
om_batchcompress |
Batched compression output |
|
om_exec |
Execute program |
|
om_null |
Null output for testing |
|
om_perl |
Perl-based output |
|
om_ssl |
TLS/SSL output |
|
om_tcp |
TCP output |
|
om_udp |
UDP output |
|
om_udpspoof |
UDP with IP spoofing |
|
om_uds |
Unix domain sockets |
|
om_zmq |
ZeroMQ output |
Additional processing between input and output:
Module |
Purpose |
Documentation |
|---|---|---|
pm_buffer |
Buffer events |
|
pm_evcorr |
Event correlation |
|
pm_norepeat |
De-duplication |
|
pm_null |
Null processor |
|
pm_pattern |
Pattern matching |