ERROR failed to subscribe to msvistalog events,the channel was not found [error code: 15007]; The specified channel could not be found.


shahpasandi

Got this error while trying to forward Windows 11 event logs to a SIEM:

ERROR failed to subscribe to msvistalog events,the channel was not found [error code: 15007]; The specified channel could not be found.

My nxlog config is here:

define ROOT C:\Program Files\nxlog
#define ROOT C:\Program Files (x86)\nxlog

Moduledir %ROOT%\modules
CacheDir %ROOT%\data
Pidfile %ROOT%\data\nxlog.pid
SpoolDir %ROOT%\data
LogFile %ROOT%\data\nxlog.log

<Extension json>
    Module xm_json
</Extension>

<Extension fileop>
    Module xm_fileop
</Extension>

# Nxlog internal logs
<Input internal>
    Module im_internal
    Exec $EventReceivedTime = integer($EventReceivedTime) / 1000000; to_json();
</Input>

# Win Event Log - Security
<Input inSecurityEvent>
    Module im_msvistalog
    Query <QueryList> <Query Id=""><Select Path="Security">*</Select></Query></QueryList>
    Exec $Message = to_json();
</Input>

<Output outSecurityEvent>
    Module om_tcp
    Host X.X.X.X
    Port 5060
    Exec $EventTime = strftime($EventTime, '%Y-%m-%dT%H:%M:%SZ'); to_json();
    Exec to_json();
    Exec file_write("C:\Program Files\nxlog\data\SecurityEvents_output.log", $raw_event);
</Output>

<Route 1>
    Path inSecurityEvent => outSecurityEvent
</Route>

This works fine on other versions of Windows. The problem is Windows 11.
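
A diagnostic for the error in the post above, added here as an example and not part of the original post or of NXLog: it reads the channel names from every `<Select Path="...">` in the config and asks the Windows Event Log service whether each one resolves on this host, which is the condition error 15007 reports on. The config path `conf\nxlog.conf` under the post's ROOT is an assumption; run it from an elevated PowerShell session so the Security channel is readable.

```powershell
# Added example, not the poster's or NXLog's code.
# Assumption: the config is at <ROOT>\conf\nxlog.conf; pass -ConfigPath to override.
param(
    [string]$ConfigPath = 'C:\Program Files\nxlog\conf\nxlog.conf'
)

$text = Get-Content -LiteralPath $ConfigPath -Raw

# Every channel named in a <Select Path="..."> element of an im_msvistalog Query.
$channels = [regex]::Matches($text, '<Select\s+Path\s*=\s*"([^"]+)"') |
    ForEach-Object { $_.Groups[1].Value } |
    Sort-Object -Unique

if (-not $channels) {
    Write-Warning "No <Select Path=...> element found in $ConfigPath"
    exit 2
}

# Ask the Event Log service about each channel; a lookup that returns
# nothing means the name does not resolve for this account on this host.
$results = foreach ($name in $channels) {
    $log = Get-WinEvent -ListLog $name -ErrorAction SilentlyContinue
    [pscustomobject]@{
        Channel = $name
        Exists  = [bool]$log
        Enabled = if ($log) { $log.IsEnabled } else { $null }
        Records = if ($log) { $log.RecordCount } else { $null }
    }
}

$results | Format-Table -AutoSize

$missing = @($results | Where-Object { -not $_.Exists })
if ($missing.Count -gt 0) {
    Write-Warning ("Channels that did not resolve: " + ($missing.Channel -join ', '))
    exit 1
}
Write-Output 'All channels referenced by the config resolve on this host.'
```

If every channel resolves here but the agent still logs 15007, compare the account the check ran under with the account the nxlog service runs as, and confirm the running service is loading the same config file.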