Hi

I have noticed that my alerts are about 2 hours behind.  My SIEM rule retrohunts every 10 minutes.

What is the default schedule for nxlog community edition?

I think I need to input code similar to the below to make my rule retrohunts trigger in a more realtime way

<Input in>   Module  im_tcp   Port    2345

   <Schedule>       Every   1 sec       First   2010-12-17 00:19:06       Exec    log_info("scheduled execution at " + now());   </Schedule>

   <Schedule>       When    1 */2 2-4 * *       Exec    log_info("scheduled execution at " + now());   </Schedule></Input>