nxlog is crashing with the following error:

Faulting application name: nxlog.exe, version: 0.0.0.0, time stamp: 0x5666d55e

Faulting module name: ntdll.dll, version: 6.3.9600.18202, time stamp: 0x569e72c5

Exception code: 0xc0000005

Fault offset: 0x000192cb

Faulting process id: 0x1b60

Faulting application start time: 0x01d18540c8297bd3

Faulting application path: C:\Program Files (x86)\nxlog\nxlog.exe

Faulting module path: C:\Windows\SYSTEM32\ntdll.dll

Report Id: 06d89363-f134-11e5-80dd-005056a619fb

Faulting package full name:

Faulting package-relative application ID:

config file:

define ROOT C:\Program Files (x86)\nxlog

Moduledir %ROOT%\modules
CacheDir %ROOT%\data
Pidfile %ROOT%\data\nxlog.pid
SpoolDir %ROOT%\data
LogFile %ROOT%\data\nxlog.log

<Extension json>
    Module      xm_json
</Extension>

<Input eventlog>
    # Use 'im_mseventlog' for Windows XP and 2003
    Module      im_msvistalog
SavePos FALSE
ReadFromLast FALSE
 Query       <QueryList>\
                   <Query Id="0">\
                        <Select Path="Pool2PdfCreator.Produce">*</Select>\
                    </Query>\
                </QueryList>
</Input>

<Output out>
    Module      om_tcp
    Host        10.36.52.62
    Port        12201
    Exec        $EventTime = integer($EventTime) / 1000000; to_json();
    Exec log_info("RecordNumber: " + $RecordNumber);
</Output>

<Route r>
    Path        eventlog => out
</Route>

(during troubleshooting, I have narrowed down the query to one eventsource and also added

Exec log_info("RecordNumber: " + $RecordNumber);

to be able to pinpoint the exact entry that causes the issue. I was able to locate the entry that causes the crash. The strange thing is, it sometimes goes through, most of the times causes crash. I am not comfortable with sharing the entry here but I can send it via e-mail. This definitely looks like a bug.

nxlog version: nxlog-ce-2.9.1504