Hello, I have recently been trying up a syslog-ng server for various devices and have tried a couple of things for sending Windows Events to the server. Finally decieded that NXLog will do what I need and I have gotten sent some events over without much configuration, but when trying filter within the .conf file, it always fails. I can't really find much good information as to why it might be failing, as it seems that it should be correct.(to me anyway) # Windows Event Log, Module im_msvistalog Exec if $EventID == 4734 or $EventID == 4624 drop(); Exec $Message = to_json(); I have narrowed it down to this block, since the log says nxlog failed to start: without matching section at C:\Program Files (x86)\nxlog\conf\nxlog.conf:43 Which is where this block ends? I can't really make sense of this, so if anyone has some guidance please tell me.