Modules im_msvistalog & im_winperfcount "Collecting Logs from multiple Windows Servers"

Hello I wish to collect event logs and Windows performance counters from multiple 'remote' systems within a Windows domain... I would like to know the syntax for doing this.. I have looked at your documentation in relation to your Enterprise version and it states that you can use the module  directives (RemoteServer,RemoteUser,RemotePassword) etc... But there is no statement with regards how you structure the collection from multiple servers or if these commands can be used with the 'im_winperfcount' module..

Support ticket opened onJuly 27, 2016 - 2:57pm

performance of input module im_udp

I would like to know how many maximum message per sec of input module im_udp. I would like to use Nxlog to receive hight traffic of syslog.


Support ticket opened onJuly 8, 2016 - 9:38pm

Nxlog service crashes when parsing eventlog


We are using version 2.9.1504 on Windows Server 2012 R2 to send out iis and eventlogs but on some servers the nxlog service keeps crashing and logs this in the eventlog

Support ticket opened onJune 13, 2016 - 3:59pm

ERROR Couldn't read next event, corrupted eventlog?; The data is invalid.

As soon as I start nxlog-ce, it writes the error in the title into its logfile and stops processing logs. Nxlog config I am using:


define ROOT C:\Program Files (x86)\nxlog

Moduledir %ROOT%\modules
CacheDir %ROOT%\data
Pidfile %ROOT%\data\nxlog.pid
SpoolDir %ROOT%\data
LogFile %ROOT%\data\nxlog.log

<Extension json>
    Module      xm_json

<Input eventlog>
    # Use 'im_mseventlog' for Windows XP and 2003
    Module      im_msvistalog

Support ticket opened onMay 10, 2016 - 10:38am

nxlog community edition on windows10

I am a newbie to logstash and elasticsearch and I am setting up a test system using nxlog on my windows clients.  I have several windows 7 boxes that are successfully sending the eventlogs to the logstash server.  I am trying to setup a nxlog client on a windows 10 box and I keep getting an error from the nxlog service that the eventlog is corrupt.  I have confirmed I have the nxlog.conf file selected for the newer style event log. 

Support ticket opened onApril 22, 2016 - 8:43pm