2
answers
closed

im_msvistalog module on Deb package

I installed the enterprise trial edition on Ubuntu to read evtx files and forward them. It seems it cannot find the im_msvistalog module; is it supported on your Linux version?

Thanks 

Support ticket opened on June 17, 2015 - 9:53am
1
answer
closed

using im_msvistalog to read from .evtx files directly

I am trying out the enterprise edition and could not find documentation for reading event logs directly from .evtx files only. Can anyone help with a sample config?

Thanks 

Support ticket opened on June 16, 2015 - 5:29pm
4
answers
closed

xm_csv fails to parse line when a CR is split from a LF and it's an integer

I'm running NXLog Community Edition v2.9.1347 on Windows. The issue is that occasionally I see the error message below and the data isn't being run through my IIS_Log Input code (way down below). I traced it down to a similar issue seen here where the im_file reader is splitting a CRLF and leaving the carriage return on the last line. The last field has data plus the carriage return and is supposed to be parsed into an integer, but that fails.

Support ticket opened on June 15, 2015 - 8:35pm
11
answers
closed

High CPU usage - im_msvistalog module

Hello,

I am running nxlog on a Windows Server 2008 R2 Standard, Intel Xeon 2.20 GHz, 2GB RAM machine. When I run nxlog with the following im_msvistalog module setting, it consumes 100% of CPU:

<Input in>

# Use 'im_mseventlog' for Windows XP and 2003
Module im_msvistalog

</Input>

When I change it to this, the result is the same:

<Input in>

Support ticket opened on June 3, 2015 - 3:08pm
