I've got nxlog installed on a handful of Windows machines, forwarding event logs in a test environment. I've noticed that if I restart the server receiving the logs, the clients won't resume sending until I've restarted the nxlog service. Has anyone come up with a way around this?
The log file simply has many instances of:
Hi, does nxlog enterprise support parsing of saved or exported evtx files? I have netapp audit logs that are saved in evtx format and I'd like nxlog to parse this (json) and send it to log server (ELK). I'm currently evaluating the enterprise product and this ability would be one of the drivers for this product. If this is possible, how would I configure it? This is what I have in my conf file:
I am looking for the docs about how to use Checkpoint OPSEC with nxlog. Thank you.
Hi nxlog team,
I'm using the EE om_elasticsearch module to output a custom log directly into elasticsearch. This is only a test machine so I'm using exactly the same setup as http://nxlog.org/docs/elasticsearch-kibana/using-nxlog-with-elasticsearch-and-kibana.html with a local elasticsearch and nxlog setup.
Config file is: