We have the following problem.
We are currently migrating from REDIS to KAFKA on our windows server 2012 machines. In order to do this we are changing our nxlog.conf. (see below for entire configuration)
I'm trying to trigger a powershell script to run with passed parameters on pattern matching the contents of $message. The method itself works, I just cannot work out how to pass parameters to the script I'm calling.
Hello NXlog world!
I'm having some challenges to pull data from a SQL 2012 (running on W2K16) database using the im-odbc connector.
This is my input:
Hello everyone,
I have a window server that receives logs from other windows hosts (log collector) and from this last one, events are sent to a Fortisiem. The problem is that in SIEM the IP that appears is always the collector's IP and all host events are identified by that IP.
Is it possible to keep the original IP of each host?
For about 5 years, I've been using NXLog to forward Windows logs from all of my Windows servers into a Graylog server. Recently, one of the servers developed an issue where there will be event ID 5156 ("The Windows Filtering Platform has permitted a connection") triggered when NXLog sends logs to the Graylog server, which triggers another event ID 5156, which triggers another and another and another and so on.
