Windows event ID not forwarded and problem with control characters
ryssland
Hi. I am having an issue with forwarding event logs from a centralized server to an rsyslog and indexed in splunk. The logs are forwarded but the Event ID (the most important part) is missing. I am also having an issue with control characters on , this however could be blamed on rsyslog, but as I understand it the issue with control characters could be solved in the nxlog config.
Anyone care to give me a nudge in the correct way here?
//Thx
