Hi, I install NXLog Enterprise Edition v5 trial And try to filter out events before send to SIEM. I can get some events and see SIEM side. But when I create fake event , cannot see all. What I want? I want to forward Windows server APP, SEC ve SYS logs that have only WARNING,ERROR and CRITICAL levels in CEF format Is that config part correct?
I am looking to output syslog logs from Dell Firewall into a local directory on my windows box and I am getting error message as below:
===
2020-12-11 07:01:21 WARNING not starting unused module syslogs
2020-12-11 07:01:21 INFO nxlog-ce-2.10.2150 started
2020-12-11 07:01:21 ERROR failed to open tmp/output; The system cannot find the path specified.
=====
Hello,
I am trying to setup NXLog so that multiple Windows Servers will send their Event logs to a central server, and that server will output them into basic text files. The logs are delivered to the central server just fine, but instead of going to separate routes as I have configured, all logs appear to be delivered to the same route, which happens to be the first one listed. Any help would be greatly appreciated.
