Hi
Ive got a customer with windows server core (no gui) and they are wanting to uninstall the trial version and have asked if we can give them a copy of the original msi.
They are after version 5.4.7313
I've had a look at the download section and it isn't there.
Any suggestions please?
Thanks
Bryan
Is it possible to use a variable in a regex? I'm trying to do something like the following:
Exec if ($EventID == 4104) {
if defined(get_var('scriptblockid')) {
$id = get_var('scriptblockid');
if ($Message =~ /ScriptBlock ID: $id/) drop();
}
if ($Message =~ /ClassName = 'Root\/Microsoft\/Windows/) {
if ($Message =~/ScriptBlock ID: (\S+)/) {
set_var('scriptblockid', $1);
}
drop();
}
}
Hello,
We've deployed NXLog EE agents on numerous Windows servers, and we're facing a strange issue with just one agent.
It does not, and we're unable to get it to, show as online within the NXLog Manager. The agent's log states that it was able to successfully connect to the manager, but it's still showing as offline in the UI.
I have tried the following:
Hello,
I am experiencing truncated syslog messages, and found the root cause. Event are not correctly parsed such as this example:
Here is the original message read from eventviewer: