<no title> — wazuh-api-kit 1.0.0 documentation

Provides the WazuhInternalLogcollectorConfiguration which allows to parse the logcollector section of the Wazuh internal configuration.

class WazuhInternalLogcollectorConfiguration(**kwargs)#

Bases: object

Object representation of the wazuh agent’s internal option logcollector section.

debug: int | None#

The debug log level configuration of the wazuh agent.

0: No debug output

1: Standard debug output

2: Verbose debug output

exclude_files_interval: int | None#: Excluded files refresh interval, in seconds.

force_reload: bool#

close and reopen monitored files.

ip_update_interval: int | None#: IP update interval, in seconds. This specifies how often the system IP is obtained when the out_format option is used.

max_lines: int | None#: Maximum number of logs read from the same file in each iteration.

open_attempts: int | None#: Number of attempts to open a log file. The value 0 means that the number of attempts is infinite.

reload_delay: int | None#: File reloading delay (between close and open), in milliseconds. This parameter only applies if logcollector.force_reload is set to 1.

reload_interval: int | None#: File reloading interval, in seconds. This parameter only applies if logcollector.force_reload is set to 1.

remote_commands: int | None#: Toggles Logcollector to accept remote commands from the manager or not.

rlimit_nofile: int | None#: Maximum number of file descriptors that Logcollector can open. This value must be greater than or equal to (logcollector.max_files + 100).

sample_log_length: int | None#: Sample log length limit for errors about large input logs.

sock_fail_time: int | None#: Time to reattempt a socket connection after a failure, in seconds.

On this page