xm_w3c does not work NXlog EE
absolis
hello, I am testing the NXlog EE, but the module xm_w3c does not work, do not parse the logs of BRO, you can help me.
<Extension w3c>
Module xm_w3c
Delimiter ,
</Extension>
<Input i.bro.log>
Module im_file
File "/mnt/*.log"
InputType w3c
</Input>
<Output o.bro.log>
Module om_ssl
Host 192.168.0.38
Port 10525
CAFile /data/conf/ca.crt
AllowUntrusted TRUE
</Output>
<Route r.bro.log>
Path i.bro.log => o.bro.log
</Route>
# ./nxlog-processor
2017-12-27 20:38:33 INFO connecting to 192.168.0.38:10525
2017-12-27 20:39:47 ERROR cannot parse integer "SUCCESS", invalid modifier: 'S'
2017-12-27 20:39:47 ERROR last message repeated 15 times
2017-12-27 20:39:47 ERROR couldn't parse integer: LOGON_FAILURE
2017-12-27 20:39:47 ERROR couldn't parse integer: LOGON_FAILURE
2017-12-27 20:39:47 ERROR cannot parse integer "SUCCESS", invalid modifier: 'S'
2017-12-27 20:39:47 ERROR last message repeated 10 times
2017-12-27 20:39:47 ERROR couldn't parse integer: LOGON_FAILURE
2017-12-27 20:39:47 ERROR cannot parse integer "SUCCESS", invalid modifier: 'S'
2017-12-27 20:39:47 ERROR last message repeated 34 times
2017-12-27 20:39:47 ERROR couldn't parse integer: LOGON_FAILURE
Bro Files ![Bro files][Bro files]
