Currently process and transform the windows event/iis logs on the client, however as I have more servers I am wondering about routing everything to a central point using the binary format and then processing them into the relevant tables in to a mysql db. I am struggling with at which stage this filtering and tansforming is done and what the route should look like. Do I use the patern filter in a process stage and then use and if statement in the route based on the patern id?
I really would like some assistance in the forum -
Here is the scenario:
Installed nxlog.c.e in Windows 2008 R2
Used the query list -to get security logs
Added that in the module - started the server - everything is fine.
I tested this in my Windows mahcine - to my Redhat server.
The issue happens when the Windows machine is registered to the domain.