Hi everyone,

We have an internal application on a windows box which logs in a way which is slightly mangled. All other windows logs come through nxlog but on these messages the entire message field gets dropped.

Is there a way to parse using ifs? eg:

if $service == "Homegrown app" {

}

So that I can either change the output format or parse them untouched into a file etc...

Does anyone know if there are any characters that don't get escaped properly that might mangle the json output?

Sorry for not giving a huge amount of information, I have to keep this as agnostic as I can.