Community Forum

Post a question
4
responses

NxLog not even attempting to sync first few lines

I have a im_file to om_tcp route on the community edition.
My applications starts generating logs at 5am and runs every 15 minutes.
I have observed that it essentially skips the first X lines and syncs things only after the x lines starting 5:15 and works fine throughout the day.
There is nothing in logs at 5am.
I have tried routing it to another om_file on the same machine, it works ok.

Can you please help me fix it?

Here is the config:

AskedJuly 16, 2020 - 4:12am
4
responses

Parsing Windows Event LOG XML and sending to Graylog

I am trying to send parse each of these XML fields into a field for graylog to handle, any ideas would help.

I've added

<Extension xml>
    Module  xm_xml
</Extension>

and Exec parse_windows_eventlog_xml(); to_xml();

but I'm not sure what else to do, I'm trying to work with this in the 'message' field

AskedJuly 13, 2020 - 11:27pm
0
responses

Config INCLUDE wildcard not working on Windows?

I have tried multiple ways to get the wildcard includes to work but just cant get it to work in CE. If I put the path in then it works.

define ROOT C:\Program Files (x86)\nxlog
define PLUGIN %ROOT%\additional

works:
include C:\Program Files (x86)\nxlog\additional\nxlog_exchange.conf

doesn't work:
include additional\*.conf
include additional/*.conf
include %PLUGIN%\*.conf
include %PLUGIN%/*.conf

AskedJuly 10, 2020 - 11:07pm
1
response

im_msvistalog + If/Else Statement

Hi,

My working nxlog.conf relies on Query directives aimed at explicitly named Channels together with the im_msvistalog Module.

<Input blu_eventlog_iis>
Module im_msvistalog

AskedJuly 6, 2020 - 9:07pm

Pages