Mohit, Thanks for your reply. The problem here is that we can only capture TCP data on the fly, not on hosts. Besides, if the server is Windows, it may not provide syslog-like utility.
2014-08-01 12:04 GMT+08:00 Mohit Durgapal <durgapalmo...@gmail.com>: > I am not sure if that's exactly what you need but have you tried the > syslog tcp source? It can listen and consume events from a tcp queue on a > specific host & port. > > > On Fri, Aug 1, 2014 at 8:47 AM, Liu Blade <hafzc...@gmail.com> wrote: > >> Dear all, >> >> The scenario is we want to collect data over TCP connection which is send >> to backend database server. But it is not possible to use an intrusive way, >> which means we would not collect data on servers. >> >> Is that possible to use libpcap/winpcap to tap into TCP stream, convert >> it to Avro/Thrift, and then send to Flume source? >> >> Very appreciate your suggestions. Please indicate if there are better >> options. >> >> Cheers, >> Blade >> >> > >
