1
response

Error with multiple Host in <Output> om_tcp

I'm using nxlog-ce-2.11.2190.msi (Community Edition) on Windows 2016 to send Windows Logs to a syslog server.

If I put more than one Host to the <Output> section like

<Output to_splunk>
Module om_tcp
Host abc1.corp.net
Host abc2.corp.net
Host abc3.corp.net
Port 514
Exec to_syslog_ietf();
</Output>

AskedOctober 29, 2021 - 11:00am
4
responses

NxLog not even attempting to sync first few lines

I have a im_file to om_tcp route on the community edition.
My applications starts generating logs at 5am and runs every 15 minutes.
I have observed that it essentially skips the first X lines and syncs things only after the x lines starting 5:15 and works fine throughout the day.
There is nothing in logs at 5am.
I have tried routing it to another om_file on the same machine, it works ok.

Can you please help me fix it?

Here is the config:

AskedJuly 16, 2020 - 4:12am