Flat File Collection

LogRhythm can collect logs from compressed flat files on Windows and UNIX systems. The Agent decompresses the file, collects its logs like any other flat file, and then deletes the decompressed file when it has been fully collected.

Only static compressed files are supported. Single compressed files and multiple files within a single directory are supported. The following are not supported: Multi-part, encrypted, password-protected, and compressed files containing more than one file.

The following compression types are supported:

  • gzip
  • tar
  • targzip (UNIX only)
  • zip
  • bzip (UNIX only)
  • bzip2 (UNIX only)
