NXLog Problem, Windows event logs not preserving event time

SDavis

I'm noticing something weird with my NXLog endpoints. If I have my NXLog agents pull Windows event logs and transfer them over the network, it loses the event time somewhere along the way. My current setup looks like this:

Remote Agent: Windows Event Log -> im_mseventlog -> om_SSL (Type Binary) (to Log Collector)

Log Collector: im_SSL (Type Binary) -> om_UDP (Type GELF) (to Graylog server)

When Graylog is offline it will buffer correctly, but after Graylog comes back online, NXLog will send the logs with the current time.