+1
0
-1
0
answers

regex to drop certain string from message

Hello All,

 

I am new to nxlog or rather logics in terms of regex and all. 

I am looking to drop any message which has *.*.*.255 in message field. I tried below , however it does not seem to be working for me:

 

Exec if $Message =~ /^([01][0-9][0-9]|2[0-4][0-9]|25[0-5]) . ^([01][0-9][0-9]|2[0-4][0-9]|25[0-5]) . ^([01][0-9][0-9]|2[0-4][0-9]|25[0-5]) . 255/  drop();

 

Please suggest

AskedMarch 20, 2017 - 2:46pm
+1
0
-1
0
answers

Collecting & storing windows syslog locally on host machine

Hi there!

I am a college student...i am working on windows event logger to collect & analyse windows logs(event & syslog).

I don't know how to configure nxlog.conf file such that ... i can get all windows generated logs locally on host machine.

Waiting for reply.

Thank You

AskedMarch 16, 2017 - 7:28am
+1
1
-1
1
answer

community edition msi

have recently been trying the Community Edition of nxlog which does exactly what I need (and more) but have an issue with the msi. In order to be something I could deploy it has to pass uninstall and re-install tests. Unfortunatley the uninstall via Windows installer leaves a lot of file and registry entries behind that subsequently causes issues with a re-installation. Does anyone know if this is likely to be addressed within CE?

AskedMarch 7, 2017 - 12:19pm
+1
0
-1
1
answer

im_udp with specific host IP not working

Hello All,

 

I am using nxlog-ce-2.9.1716 client to collect logs from my device and then forward it to logstash. I want to make sure nxlog client accept syslogs from particular source instead any. However when using specific IP in im_udp module, I am getting error as below:

 

"2017-03-07 16:04:51 ERROR failed to start im_udp; couldn't bind udp socket to 172.20.20.20:514; The requested address is not valid in its context. " 

 

AskedMarch 7, 2017 - 12:02pm

Pages