7
responses

Drop Win Event message based on text file content

I'm attempting to use NXLog (community edition atm) to read in active directory logs into NXLog and output to syslog/json. I have a text file (one username per line) that I need to be able to compare to the username in the Windows event logs from AD. I need to be able to drop messages that the username in the Windows AD Event logs if it matches a username in the text file of usernames.

AskedOctober 9, 2018 - 6:16pm