I am having an issue where I am outputing a DNS log from Windows Server and having NXLOG read it and ship it to a Logstash environment. My issue however is that after a period of time the log file disappears and is not created. I am assuming it is an issue with NXLog having a lock on the file and when windows rotates it, it fails and doesnt get created.

The DNS Event View Log shows:

The DNS server was unable to open file E:\Log Files\DNS\dns.log for write.  Most likely the file is a zone file that is already open.  Close the zone file and re-initiate zone write.

Stopping and restarting the service does not help unless I completely stop NXLOG first. How can I change it so NXLog does not completely lock the log file so that windows can't rotate it?

This seems to occur on various versions of windows from 2008 to 2012 R2.

Appreciate any help you can provide regarding this issue.