1
answer
closed

using im_msvistalog to read from .evtx files directly

I am trying out the enterprise edition, and could not find documentation for reading event logs directly from .evtx files only. Can anyone help with a sample config?

 

Thanks 

Support ticket opened on June 16, 2015 - 5:29pm
4
answers
closed

xm_csv fails to parse line when a CR is split from a LF and it's an integer

I'm running NXLog Community Edition v2.9.1347 on Windows. The issue is occasionally I see the error message below and the data isn't being run through my IIS_Log Input code (way down below). I traced it down to a similar issue seen here where the im_file reader is splitting a CRLF and leaving the carriage return on the last line. The last field has data plus the carriage return and is supposed to be parsed into an integer but that fails.

Support ticket opened on June 15, 2015 - 8:35pm
11
answers
closed

High CPU usage - im_msvistalog module

Hello,

I am running nxlog on a Windows Server 2008 R2 Standard, Intel Xeon 2.20 GHz, 2GB RAM machine. When I run nxlog with the following im_msvistalog module setting it consumes 100% of CPU:

<Input in>

# Use 'im_mseventlog' for Windows XP and 2003
Module im_msvistalog

</Input>

When I change it to this, the result is the same:

<Input in>

Support ticket opened on June 3, 2015 - 3:08pm
2
answers
closed

Losing networking connectivity results in nxlog service failing to connect with loggly.com and never attempting to reconnect

NxLog does not reconnect to the server once a connection is restored after a network disconnect event.

Simple step to repro - Simply unplugging the ethernet cable from the back of the PC while nxlog is attempting to send data to loggly. The error happens almost instantly after the cable is unplugged. Below is the error message.

Support ticket opened on May 29, 2015 - 10:54pm
2
answers
closed

Initial configuration: not capturing network sourced logs

Update 2: I'm closing this again 'cause I am a dummy. I've always relied on other Linux guys for getting the environment right. So anyone who finds this is likely in a similar state of dumbness, so I'll help those folks out with what happened:

1) SELINUX was running and blocking some errors but not ultimately stopping the logs coming in. Once those errors were remedied I moved on....

Support ticket opened on April 24, 2015 - 7:31am
