1 response

fixed UDP host?

Hi, I am using the nxlog-ce-2.9.1716-1_rhel7.x86_64.rpm and I have the following conf

<Output graylogout>
Module om_udp
Host somehost.com
Port 12201
OutputType GELF
</Output>

If I do "host somehost.com" -> it returns 2 IPs in a different order

$>host somehost.com
X.X.X.X
Y.Y.Y.Y

$>host somehost.com
Y.Y.Y.Y
X.X.X.X

Asked October 31, 2017 - 11:39pm
3 responses

How to efficiently clean up Windows DNS Server debug logs in nxlog

What is the most efficient way to parse Microsoft DNS Server debug logs into something more tidy, say into a CSV or KVP format on the nxlog agent?

Consider the following log message:

"24/02/2017 16:37:22 09B0 PACKET  0000009657E7BA40 UDP Rcv 10.0.100.15   a490   Q [0001   D   NOERROR] A      (7)example(3)com(0)"

First of all, what would be the most efficient way performance-wise to convert this into a CSV or KVP format?

Asked February 24, 2017 - 3:59pm
1 response

KISS: beginner's problems with im_file and om_file

Hello nxlog world,

Ashamed to say, I spent all of yesterday trying to figure out how to read Windows DHCP log files and ship the events to ElasticSearch.

The problem was with using the direct path for the folder C:\Windows\System32\dhcp\. Managed to get nxlog to read by sharing the folders (read-only permissions) with the user account used for nxlog service account logon.

Asked January 21, 2016 - 11:45am