Hi,
I have installed the nxlog package on Linux. I am trying to use nxlog as syslog with SSL support. Following is the configuration file:


## This is a sample configuration file. See the nxlog reference manual about the
## configuration options. It should be installed locally under
## /usr/share/doc/nxlog-ce/ and is also available online at
## http://nxlog.org/docs

########################################
# Global directives #
########################################
User nxlog
Group nxlog

LogFile /var/log/nxlog/nxlog.log
LogLevel INFO

########################################
# Modules #
########################################
<Extension _syslog>
Module xm_syslog
</Extension>
<Input ssl>
Module im_ssl
Host localhost
Port 6292
CertFile /var/lib/nxlog/cert/certificate.pem
CertKeyFile /var/lib/nxlog/cert/key.pem
InputType Syslog_TLS
Exec parse_syslog_ietf();
</Input>

<Input in1>
Module im_udp
Port 514
Exec parse_syslog_bsd();
</Input>

<Input in2>
Module im_tcp
Port 514
</Input>

<Output fileout1>
Module om_file
File "/var/log/logmsg.txt"
Exec if $Message =~ /error/ $SeverityValue = syslog_severity_value("error");
Exec to_syslog_bsd();
</Output>

<Output fileout2>
Module om_file
File "/var/log/logmsg2.txt"
</Output>

########################################
# Routes #
########################################
<Route 1>
Path in1 => fileout1
</Route>

<Route tcproute>
Path in2 => fileout2
</Route>


Itry to run this in foreground using nxlog -f. nxLog starts but it shows the warning - "WARNING not starting unused module ssl ". Does this mean SSL is not being used by nxLog? Why it says unused and how to correct it.

Hi, I am very new to this and trying to configure the nxLog as a syslog server on windows 2012. I added the following to the default config file:

<Extension _syslog> Module xm_syslog </Extension> <Input ssl> Module im_ssl Host localhost Port 6393 CertFile %CERTDIR%/ukfff6292.pem CertKeyFile %CERTDIR%/private.pfx
InputType Syslog_TLS Exec parse_syslog_ietf(); </Input>

Then on cmd, I start the nxLog with -f option. I get the following error

2018-12-24 11:32:55 ERROR SSL error, couldn't read cert, no start line, 2018-12-24 11:32:55 WARNING no functional input modules! 2018-12-24 11:32:55 INFO nxlog-ce-2.10.2150 started 2018-12-24 11:32:55 ERROR SSL error, couldn't read cert, no start line,

Please help me regarding this.

i configured my nxlog that forwards sharepoint uls log to log server. my nxlog.conf is like below ## This is a sample configuration file. See the nxlog reference manual about the ## configuration options. It should be installed locally and is also available ## online at http://nxlog.org/docs/ ## Please set the ROOT to the folder your nxlog was installed into, ## otherwise it will not start. #define ROOT C:\Program Files\nxlog define ROOT C:\Program Files (x86)\nxlog define SHAREPOINT_LOGS D:\SHAREPOINTLOGS Moduledir %ROOT%\modules CacheDir %ROOT%\data Pidfile %ROOT%\data\nxlog.pid SpoolDir %ROOT%\data LogFile %ROOT%\data\nxlog.log Module xm_syslog Module xm_csv Fields Timestamp, Process, TID, Area, Category, EventID, Level, Message, \ Correlation Delimiter \t Module im_file # Use a file mask to read from ULS trace log files only File '%SHAREPOINT_LOGS%\*-????????-????.log' # Drop header lines and empty lines if $raw_event =~ /^(\xEF\xBB\xBF|Timestamp)/ drop(); else { # Remove extra spaces $raw_event =~ s/ +(?=\t)//g; # Parse with uls_parser instance defined above uls_parser->parse_csv(); # Set $EventTime field (second precision only) $EventTime = strptime($Timestamp, "%m/%d/%Y %H:%M:%S"); # Add $Hostname field $Hostname = hostname_fqdn(); } # # Module im_msvistalog # For windows 2003 and earlier use the following: # Module im_mseventlog # Module om_udp Host 192.168.99.52 Port 514 Exec to_syslog_bsd(); Module om_udp Host 192.168.99.52 Port 514 Exec to_syslog_bsd(); Path trace_file => out nxlog sends message to log server to the one moment when he stops with the work.why?