To collect logs | Log collection solutions

#1 Saravanakumar 4 years ago

Hi Team,

I have installed the NXlog community edition (nxlog-ce-2.10.2150.msi) on our windows server and I am trying to collect the Firewall (ASA) logs in windows server through NXlog.

I have used the following configuration but I am not receiving any logs. Can you help me on this

<Extension json>
Module xm_json
</Extension>
##Extension to format the message in syslog format
<Extension syslog>
Module xm_syslog
</Extension>

########## INPUTS ###########

<Input in_syslog_tcp>
Module im_tcp
Host 0.0.0.0
Port 1514
Exec parse_syslog();
</Input>

############ OUTPUTS ##############

<Output file>
Module om_file
File "C:\test\asa.log"
Exec to_syslog_ietf();
</Output>

<Route file>
Path in_syslog_tcp => file
</Route>

Permalink

#2 MisazivDeactivated Nxlog ✓ 4 years ago

#1 Saravanakumar

Hi Team, I have installed the NXlog community edition (nxlog-ce-2.10.2150.msi) on our windows server and I am trying to collect the Firewall (ASA) logs in windows server through NXlog. I have used the following configuration but I am not receiving any logs. Can you help me on this <Extension json> Module xm_json </Extension> ##Extension to format the message in syslog format <Extension syslog> Module xm_syslog </Extension> ########## INPUTS ########### <Input in_syslog_tcp> Module im_tcp Host 0.0.0.0 Port 1514 Exec parse_syslog(); </Input> ############ OUTPUTS ############## <Output file> Module om_file File "C:\test\asa.log" Exec to_syslog_ietf(); </Output> <Route file> Path in_syslog_tcp => file </Route>

Hi,

Is there a way to confirm that logs are sent in the first place? Check if the port is open, maybe do a network capture to see if any traffic is exchanged.

-MisaZ