Nxlog.conf unable to read/parse directory or file path
Hello, I am using NXLOG on Windows 2012 to get DNS logs forwarded to my syslog server. I have enabled DNS logging on the Windows server and see the dns.log file is getting created under the C:\Windows\System32\DNS\ folder. However, my nxlog.conf is unable to browse or parse to get to this directory. I have made sure to check the log file is dns.log and not dns.txt in Windows.
If I mention the below in my nxlog.conf file, I get an error: "WARNING input file does not exist: C:\Windows\System32\dns\dns.log"
<Input in>
Module im_file
File "C:\\Windows\\System32\\dns\\dns.log"
SavePos TRUE
InputType LineBased
</Input>
If I mention the below File path in my nxlog.conf, then I get an error: "ERROR failed to open directory: C:\Windows\System32\dns: The system cannot find the path specified."
<Input in>
Module im_file
File "C:\\Windows\\System32\\dns\\dns*"
SavePos TRUE
InputType LineBased
</Input>
Same thing: even if I use single quotes and a single \, I get the same error: "WARNING input file does not exist: C:\Windows\System32\dns\dns.log"
<Input in>
Module im_file
File 'C:\Windows\System32\dns\dns.log'
SavePos TRUE
InputType LineBased
</Input>
Can someone please help? This is driving me crazy.
This is most likely caused by the file system redirector in Windows. NXLog on Windows is a 32-bit binary, so the system32 folder is mapped to a different path.
See http://www.samlogic.net/articles/32-64-bit-windows-folder-x86-syswow64.htm
But what about 32-bit applications that have the system path hard coded and are running in a 64-bit Windows? How can they find the new SysWOW64 folder without changes in the program code, you might think. The answer is that the emulator redirects calls to the System32 folder to the SysWOW64 folder transparently, so even if the folder is hard coded to the System32 folder (like C:\Windows\System32), the emulator will make sure that the SysWOW64 folder is used instead. So the same source code, which contains a path with the System32 folder included, can be compiled to both 32-bit and 64-bit program code without any changes.
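Given the redirection described in the answer, a 32-bit process on 64-bit Windows can reach the real System32 directory through the `Sysnative` alias that Windows exposes only to 32-bit processes. The sketch below is an added example, not part of the original thread or of NXLog: it finds `File` directives that the redirector would send to SysWOW64 and rewrites them to `Sysnative`. The helper names, the extra input block names, and the assumption that Windows lives in `<drive>:\Windows` and NXLog is the 32-bit build are all assumptions of the example.

```python
import re

# Constructed sample: the File directives from the question, plus one unaffected path.
SAMPLE_CONF = r'''
<Input in>
    Module im_file
    File "C:\\Windows\\System32\\dns\\dns.log"
</Input>
<Input in2>
    Module im_file
    File "C:\\Windows\\System32\\dns\\dns*"
</Input>
<Input in3>
    Module im_file
    File 'C:\Windows\System32\dns\dns.log'
</Input>
<Input other>
    Module im_file
    File 'D:\logs\app.log'
</Input>
'''

FILE_RE = re.compile(r'''^(\s*File\s+)(["'])(.*)\2\s*$''', re.IGNORECASE)
# System32 as a whole path component directly under <drive>:\Windows (assumed layout).
SYS32_RE = re.compile(r'^([A-Za-z]:\\Windows\\)System32(?=\\|$)', re.IGNORECASE)

def sysnative_path(path):
    """Return the Sysnative form of a System32 path, or None if it is not redirected."""
    fixed, n = SYS32_RE.subn(lambda m: m.group(1) + 'Sysnative', path)
    return fixed if n else None

def rewrite_conf(conf_text):
    """Rewrite redirected File directives; return (new_text, [(old, new), ...])."""
    out, changes = [], []
    for line in conf_text.splitlines():
        m = FILE_RE.match(line)
        if m:
            prefix, quote, raw = m.groups()
            # Double-quoted strings in the config escape backslashes; single-quoted do not.
            path = raw.replace('\\\\', '\\') if quote == '"' else raw
            fixed = sysnative_path(path)
            if fixed:
                changes.append((path, fixed))
                # Emit single quotes so the path needs no backslash escaping.
                line = f"{prefix}'{fixed}'"
        out.append(line)
    return '\n'.join(out), changes
```

`Sysnative` does not exist for 64-bit processes, so with a 64-bit NXLog build the original System32 path is the one to keep.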