NXLogs and Windows Firewall Log File

NX_RAF

Hi. I am relatively new to nxlog and I hope the community can help me with my question. On a Windows Server I have a Windows Firewall log file and the following nxlog configuration:

<Input in>
    Module im_file
    File "C:\Windows\system32\LogFiles\Firewall\pfirewall.log"
    SavePos TRUE
    ReadFromLast TRUE
    parse_syslog_ietf();
</Input>

<Output out>
    Module om_tcp
    Host 3.125.146.97:514
    #Exec to_syslog_ietf();
</Output>

<Route 1>
    Path in => out
</Route>

So far so good. The logs I receive now look as follows:

<13>1 2022-07-08T13:44:08+00:00 ec2-3-66-101-32 1 - - - 2022-07-08T15:44:17.208477+02:00 WINFS02 - - - [NXLOG@14506 EventReceivedTime="2022-07-08 15:44:17" SourceModuleName="in" SourceModuleType="im_file"] 2022-07-08 15:44:18 ALLOW TCP X.X.X.X Y.Y.Y.Y 43031 Z 0 - 0 0 0 - - - RECEIVE

Can I shorten the message so that I receive just the end of the message?

2022-07-08 15:44:18 ALLOW TCP X.X.X.X Y.Y.Y.Y 43031 Z 0 - 0 0 0 - - - RECEIVE
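
An added example, not part of the original post: a receiver-side Python sketch that pulls the trailing firewall record out of a syslog-wrapped line like the one above and splits it into named fields. It assumes the default `#Fields:` layout that Windows Firewall writes at the top of pfirewall.log; the function names are hypothetical.

```python
import re

# Field order from the "#Fields:" header of pfirewall.log (default layout, assumed).
PFIREWALL_FIELDS = (
    "date time action protocol src-ip dst-ip src-port dst-port size "
    "tcpflags tcpsyn tcpack tcpwin icmptype icmpcode info path"
).split()

# A record starts with "YYYY-MM-DD HH:MM:SS ACTION ". The syslog envelope uses
# ISO "T" timestamps and the quoted EventReceivedTime is followed by a quote,
# so neither of them matches this pattern.
RECORD_START = re.compile(r"\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2} [A-Z-]+ ")


def extract_record(line):
    """Return the raw firewall record at the end of a wrapped line, or None."""
    for match in RECORD_START.finditer(line):
        candidate = line[match.start():].strip()
        # Accept only a tail that has exactly the expected number of columns.
        if len(candidate.split()) == len(PFIREWALL_FIELDS):
            return candidate
    return None


def parse_record(record):
    """Map a raw record to a dict; the log's "-" placeholder becomes None."""
    values = record.split()
    if len(values) != len(PFIREWALL_FIELDS):
        raise ValueError("expected %d fields, got %d"
                         % (len(PFIREWALL_FIELDS), len(values)))
    return {name: (None if value == "-" else value)
            for name, value in zip(PFIREWALL_FIELDS, values)}


# Received line as shown in the post (addresses and port already redacted there).
SAMPLE = (
    '<13>1 2022-07-08T13:44:08+00:00 ec2-3-66-101-32 1 - - - '
    '2022-07-08T15:44:17.208477+02:00 WINFS02 - - - '
    '[NXLOG@14506 EventReceivedTime="2022-07-08 15:44:17" '
    'SourceModuleName="in" SourceModuleType="im_file"] '
    '2022-07-08 15:44:18 ALLOW TCP X.X.X.X Y.Y.Y.Y 43031 Z 0 - 0 0 0 - - - RECEIVE'
)

if __name__ == "__main__":
    record = extract_record(SAMPLE)
    print(record)
    print(parse_record(record))
```

Header lines such as `#Version:` or `#Fields:` carry no record, so `extract_record` returns `None` for them and they can be skipped.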