6 answers, closed

nxlog parsing saved evtx files

Hi, does nxlog enterprise support parsing of saved or exported evtx files? I have NetApp audit logs that are saved in evtx format and I'd like nxlog to parse this (json) and send it to log server (ELK). I'm currently evaluating the enterprise product and this ability would be one of the drivers for this product. If this is possible, how would I configure it? This is what I have in my conf file:

# Netapp
<Input file2>
    Module   im_msvistalog
    File     'z:\audit_testsvm_last.evtx'
    SavePos  TRUE
</Input>

 

Support ticket opened on October 21, 2015 - 4:45pm

1 answer, closed

Checkpoint Docs

I am looking for the docs about how to use Checkpoint OPSEC with nxlog.  Thank you. 

 

Support ticket opened on July 30, 2015 - 4:21pm

1 answer, closed

sql_exec arguments

Again still trying to get a trial to work,

 

I am trying to use the sql_exec function. I used the example from the documentation pretty much exactly:

<Exec>
         sql_exec("INSERT INTO eventlog (message) VALUES (?)", $Message);
</Exec>

But I keep getting this error:

C:\Program Files (x86)\nxlog\conf\nxlog.conf; procedure 'sql_exec()' does not exist or takes different arguments

Support ticket opened on July 13, 2015 - 5:09pm

1 answer, closed

im_msvistalog and om_tcp

I am in the testing phase of the enterprise edition and have a question on how the program actually handles sending and receiving from the im_msvistalog module. I tried the documentation and some testing, but there isn't a lot of documentation on this program out there.

My question is if I used something like this in the config on one side to send the Windows event log:

Support ticket opened on July 10, 2015 - 11:06pm