I am getting an error message to nxlog.log. 2015-02-17 08:16:23 INFO nxlog-ce-2.8.1248 started 2015-02-17 08:16:35 ERROR Couldn't read next event, corrupted eventlog?; The data is invalid. And after this error no more events or log messages are generated. However I can read event log with event viewer and I can see new events. These are messages in my graylog2: 2015-02-17 08:16:35.000 wintoosa Couldn't read next event, corrupted eventlog? The data is inval 2015-02-17 08:16:23.000 wintoosa nxlog-ce-2.8.1248 started

Seems that nxlog is running but it can't handle events after this error. How can I fix this ?

My very basic nxlog.conf:

define ROOT C:\Program Files (x86)\nxlog Moduledir %ROOT%\modules CacheDir %ROOT%\data Pidfile %ROOT%\data\nxlog.pid SpoolDir %ROOT%\data LogFile %ROOT%\data\nxlog.log #LogLevel DEBUG

<Extension syslog> Module xm_syslog </Extension>

<Extension gelf> Module xm_gelf </Extension>

<Input internal> Module im_internal </Input>

<Input eventlog> Module im_msvistalog

For windows 2003 and earlier use the following:

Module im_mseventlog

</Input>

<Output out> Module om_udp Host 10.0.0.103 Port 12900 outputType GELF </Output>

<Route 1> Path internal, eventlog => out </Route>