Problems with im_msvistalog under Windows Server 2022

#1 Elix

Dears,

I'm running nxlog-ce 3.0.2272 under Windows Server 2022 to search the Application event log for specific events using a custom query in order to forward them as GELF messages to some Graylog server. The connection is secured by SSL. With Server 2019, everything runs smoothly, but with Server 2022, nxlog.exe keeps crashing after a few events have been collected and sent to Graylog. Worst of all, events are omitted and not transferred to Graylog.

The related event log entries (event id 1000):

Faulting application name: nxlog.exe, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: ntdll.dll, version: 10.0.20348.681, time stamp: 0x69d3cd31
Exception code: 0xc0000374
Fault offset: 0x0000000000103ad9
Faulting process id: 0x2b1c
Faulting application start time: 0x01d86901d76501a6
Faulting application path: C:\Program Files (x86)\nxlog\nxlog.exe
Faulting module path: C:\WINDOWS\SYSTEM32\ntdll.dll
Report Id: 362167c9-9922-4158-8d56-ee4bafd21e67
Faulting package full name: 
Faulting package-relative application ID: 

Faulting application name: nxlog.exe, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: RPCRT4.dll, version: 10.0.20348.707, time stamp: 0xd31f9dd8
Exception code: 0xc0000005
Fault offset: 0x00000000000272e3
Faulting process id: 0x1a24
Faulting application start time: 0x01d868da69310cd8
Faulting application path: C:\Program Files (x86)\nxlog\nxlog.exe
Faulting module path: C:\WINDOWS\System32\RPCRT4.dll
Report Id: 96a6d244-74ca-4f6f-8667-8bb5082a452a
Faulting package full name: 
Faulting package-relative application ID: 

Any idea?

Thanks ahead,
Elix

#2 jeffron Nxlog ✓

Hi Elix,

Is it possible to upload the full agent logs for review, as well as the agent configuration files?

Regards,

Jeffron