Hi All,

I've setup NXLog to read an application log file and forward the raw_event to Graylog manager. It seems initially when I start NXLog everything works correctly and the Headerline correctly breaks the log sections but after a while it seems to ignore the headerline and individual lines start coming through to graylog. I've loaded the log into regex testers and confirmed that the headerline is correctly recognised, is there anything else I can try? Can I confirm this is an NXLog issue instead of Graylog in some way?

<Extension proforma_email_parse> Module xm_multiline HeaderLine /\d\d\d\d/\d\d/\d\d \d\d:\d\d:\d\d.\d\d\d .... ........ ----------------------------------------------------/ </Extension>

<Input proforma_email> Module im_file File "D:\Program Files\ProformaEmailService\Logs\ProformaEmail_*.txt" SavePos true ReadFromLast true Exec $Message = $raw_event; InputType proforma_email_parse </Input>

Thanks