I am monitoring a few log files on a Windows 2012 server using im_file
and sending them to an ELK cluster.

When checking the indexed logs we noticed delays (30 sec or more) for some (not all).
The only clue I have found is a bunch of this type of error:

2019-01-28 14:50:01 DEBUG future event, event thread sleeping 34361ms in cond_timedwait

Any idea what that means and how to troubleshoot it?

Many thanks

Asked February 5, 2019 - 1:37pm

How to efficiently clean up Windows DNS Server debug logs in nxlog

What is the most efficient way to parse Microsoft DNS Server debug logs into something more tidy, say into a CSV or KVP format on the nxlog agent?

Consider the following log message:

"24/02/2017 16:37:22 09B0 PACKET  0000009657E7BA40 UDP Rcv   a490   Q [0001   D   NOERROR] A      (7)example(3)com(0)"

First of all, what would be the most efficient way performance-wise to convert this into a CSV or KVP format?

Asked February 24, 2017 - 3:59pm
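
The sample line in the question above can be split with one anchored regular expression. The Python below is an added illustration, not part of the original post and not nxlog configuration: it parses a PACKET line into named fields and emits KVP or CSV. The field names are my own labels for the columns listed in the "Message logging key" header of the DNS debug log; the remote IP is treated as optional because the sample line has none, and the date is kept as text because its format follows the server locale.

```python
import csv
import io
import re

# One anchored pattern for PACKET lines. Group names are labels chosen for this
# example; remote_ip is optional because the sample line does not contain one.
PACKET_RE = re.compile(
    r'^(?P<date>\d{1,2}/\d{1,2}/\d{4})\s+(?P<time>\d{1,2}:\d{2}:\d{2}(?:\s[AP]M)?)\s+'
    r'(?P<thread_id>[0-9A-Fa-f]+)\s+PACKET\s+(?P<packet_id>[0-9A-Fa-f]+)\s+'
    r'(?P<proto>UDP|TCP)\s+(?P<direction>Snd|Rcv)\s+'
    r'(?:(?P<remote_ip>[0-9A-Fa-f:.]*[.:][0-9A-Fa-f:.]*)\s+)?'
    r'(?P<xid>[0-9A-Fa-f]{4})\s+(?P<qr>R?)\s*(?P<opcode>[QNU?])\s+'
    r'\[(?P<flags_hex>[0-9A-Fa-f]{4})\s+(?P<flags>[ATDR ]*?)\s*(?P<rcode>[A-Z]+)\]\s+'
    r'(?P<qtype>\S+)\s+(?P<qname>\(\d+\)\S*)\s*$'
)

def decode_qname(raw):
    """Turn the length-prefixed form '(7)example(3)com(0)' into 'example.com'."""
    labels = [label for _, label in re.findall(r'\((\d+)\)([^()]*)', raw) if label]
    return '.'.join(labels) or '.'

def parse_packet(line):
    """Return a dict of fields for a PACKET line, or None for any other line."""
    m = PACKET_RE.match(line.strip().strip('"'))
    if m is None:
        return None
    f = m.groupdict()
    f['remote_ip'] = f['remote_ip'] or ''
    f['qr'] = 'response' if f['qr'] else 'query'
    f['flags'] = f['flags'].replace(' ', '')
    f['qname'] = decode_qname(f['qname'])
    return f

def to_kvp(f):
    return ' '.join(f'{k}="{v}"' for k, v in f.items())

def to_csv(f):
    buf = io.StringIO()
    csv.writer(buf).writerow(f.values())
    return buf.getvalue().rstrip('\r\n')

# The sample line quoted in the question, including its surrounding quotes.
SAMPLE = '"24/02/2017 16:37:22 09B0 PACKET  0000009657E7BA40 UDP Rcv   a490   Q [0001   D   NOERROR] A      (7)example(3)com(0)"'

if __name__ == '__main__':
    rec = parse_packet(SAMPLE)
    print(to_kvp(rec))
    print(to_csv(rec))
```

Lines that are not PACKET records, such as the log header or blank lines, return None and can be dropped before forwarding.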