NXLog search
Let's talk Start free
Let's talk Start free

nxlog configuration problem in windows 10

Tags:
#1 aledefreitas

I am trying to configure to capture windows 10 logs and it is displaying the following messages below:

2019-04-19 23:40:05 WARNING nxlog-ce received a termination request signal, exiting ... 2019-04-19 23:40:07 WARNING no functional input modules! 2019-04-19 23:40:07 WARNING no routes defined! 2019-04-19 23:40:07 WARNING not starting unused module out 2019-04-19 23:40:07 INFO nxlog-ce-2.10.2150 started

look how this nxlog.conf

Panic Soft #NoFreeOnExit TRUE

define ROOT C: \ Program Files (x86) \ nxlog define CERTDIR% ROOT% \ cert define CONFDIR% ROOT% \ conf define LOGDIR% ROOT% \ data define LOGFILE% LOGDIR% \ nxlog.log LogFile% LOGFILE%

Moduledir% ROOT% \ modules CacheDir% ROOT% \ data Pidfile% ROOT% \ data \ nxlog.pid SpoolDir% ROOT% \ data

<Extension _syslog>

Module xm_syslog

</ Extension>

<Extension gelf> Module xm_gelf </ Extension>

<Output out> Module om_tcp Host 192.168.1.48 Port 12201 #Exec to_syslog_snare (); OutputType GELF_TCP </ Output>

<Extension _charconv> Module xm_charconv AutodetectCharsets iso8859-2, utf-8, utf-16, utf-32 </ Extension>

<Extension _exec> Module xm_exec </ Extension>

<Extension _fileop> Module xm_fileop

# Check the size of our log file hourly, rotate if larger than 5MB
&lt;Schedule&gt;
    Every 1 hour
    Exec if (file_exists ('% LOGFILE%') and \
               (file_size ('% LOGFILE%')&gt; = 5M)) \
                file_cycle ('% LOGFILE%', 8);
&lt;/ Schedule&gt;

# Rotate our log file every week on Sunday at midnight
&lt;Schedule&gt;
    When @weekly
    Exec if file_exists ('% LOGFILE%') file_cycle ('% LOGFILE%', 8);
&lt;/ Schedule&gt;

</ Extension>

Permalink
#2 Zhengshi Nxlog ✓
#1 aledefreitas
I am trying to configure to capture windows 10 logs and it is displaying the following messages below: 2019-04-19 23:40:05 WARNING nxlog-ce received a termination request signal, exiting ... 2019-04-19 23:40:07 WARNING no functional input modules! 2019-04-19 23:40:07 WARNING no routes defined! 2019-04-19 23:40:07 WARNING not starting unused module out 2019-04-19 23:40:07 INFO nxlog-ce-2.10.2150 started look how this nxlog.conf Panic Soft #NoFreeOnExit TRUE define ROOT C: \ Program Files (x86) \ nxlog define CERTDIR% ROOT% \ cert define CONFDIR% ROOT% \ conf define LOGDIR% ROOT% \ data define LOGFILE% LOGDIR% \ nxlog.log LogFile% LOGFILE% Moduledir% ROOT% \ modules CacheDir% ROOT% \ data Pidfile% ROOT% \ data \ nxlog.pid SpoolDir% ROOT% \ data <Extension _syslog> Module xm_syslog </ Extension> <Extension gelf> Module xm_gelf </ Extension> <Output out> Module om_tcp Host 192.168.1.48 Port 12201 #Exec to_syslog_snare (); OutputType GELF_TCP </ Output> <Extension _charconv> Module xm_charconv AutodetectCharsets iso8859-2, utf-8, utf-16, utf-32 </ Extension> <Extension _exec> Module xm_exec </ Extension> <Extension _fileop> Module xm_fileop # Check the size of our log file hourly, rotate if larger than 5MB &lt;Schedule&gt; Every 1 hour Exec if (file_exists ('% LOGFILE%') and \ (file_size ('% LOGFILE%')&gt; = 5M)) \ file_cycle ('% LOGFILE%', 8); &lt;/ Schedule&gt; # Rotate our log file every week on Sunday at midnight &lt;Schedule&gt; When @weekly Exec if file_exists ('% LOGFILE%') file_cycle ('% LOGFILE%', 8); &lt;/ Schedule&gt; </ Extension>

This is the reason:
2019-04-19 23:40:07 WARNING no functional input modules!
You are required to have at least one Input and one Output module. We then need a route.
We will make a default route using all Input and Output combined if you do not add one though.
https://nxlog.co/documentation/nxlog-user-guide-full#config-overview

Since you mention reading Windows 10 logs, please see the following section:
https://nxlog.co/documentation/nxlog-user-guide-full#windows-eventlog
Login to see more