108.31. WTMP (xm_wtmp)
This module provides a parser function to process binary wtmp files. The module registers a parser function using the name of the extension module instance. This parser can be used as a parameter for the InputType directive in input modules such as im_file.
108.31.1. Configuration
The xm_wtmp module accepts only the common module directives.
108.31.2. Examples
Example 536. WTMP to JSON Format Conversion
The following configuration accepts WTMP and converts it to JSON.
  1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
<Extension wtmp>
    Module      xm_wtmp
</Extension>
<Extension json>
    Module      xm_json
</Extension>
<Input in>
    Module      im_file
    File        '/var/log/wtmp'
    InputType   wtmp
    Exec        to_json();
</Input>
<Output out>
    Module      om_file
    File        '/var/log/wtmp.txt'
</Output>
<Route processwtmp>
    Path        in => out
</Route>
 
Output Sample
{
  "EventTime":"2013-10-01 09:39:59",
  "AccountName":"root",
  "Device":"pts/1",
  "LoginType":"login",
  "EventReceivedTime":"2013-10-10 15:40:20",
  "SourceModuleName":"input",
  "SourceModuleType":"im_file"
}
{
  "EventTime":"2013-10-01 23:23:38",
  "AccountName":"shutdown",
  "Device":"no device",
  "LoginType":"shutdown",
  "EventReceivedTime":"2013-10-11 10:58:00",
  "SourceModuleName":"input",
  "SourceModuleType":"im_file"
}![Download file [Download file]](images/icons/download_icon.png)