NXLog Community Edition

1
answer

Olistra

Nxlog CE agent forwarding all Windows Events despite the query level filter

Hello everybody, I'm trying to filter Windows events log with severity/level only from warning to critical, so from level 1 to 3.

Unfortunately, I tried several configurations, but the agent is still forwarding all the events. Like if there were no filters.

My specifications are, Nxlog CE Agent (version 2.10.2102) on a Windows 10 64 bits build 1803 with this conf :

AskedDecember 6, 2018 - 3:22pm

1
answer

woodsb02

nxlog-ce om_http missing add_http_header() procedure

With reference to the following guide for sending NXLog output to Splunk using HEC:
https://nxlog.co/documentation/nxlog-user-guide#splunk-hec-collection

The NXLog community edition om_http is missing the add_http_header() procedure:
https://nxlog.co/docs/nxlog-ce/nxlog-reference-manual.html#om_http

AskedApril 8, 2018 - 4:57am

1
answer

Jakauppila

Recursive file_remove

Is there any way to recursively delete files with file_remove?

I have applications logging in the following structure:

D:\Applogs\App1\Access-3172016.log
D:\Applogs\App2\Access-3162016.log

We're able to define an input and collect the logs no problem with the following definition:

<Input Access_Logs>

NXLog Community Edition,

AskedMarch 17, 2016 - 9:30pm

1
answer

Deval Khatri

how to fix apr_sockaddr_info failed & not functional without input modules for splunk SIEM

2016-03-11 12:03:01 ERROR apr_sockaddr_info failed for 192.168.1.253:514;The requested name is valid, but no data of the requested type was found.

NXLog Community Edition,

AskedMarch 11, 2016 - 9:30am

You are here

NXLog Community Edition

Nxlog CE agent forwarding all Windows Events despite the query level filter

nxlog-ce om_http missing add_http_header() procedure

Recursive file_remove

how to fix apr_sockaddr_info failed & not functional without input modules for splunk SIEM