Hi, We're evaluating nxlogn to forward event logs and IIS logs from same server as SYSLOG format to centralised log server. The event logs are reaching correctly, but not the IIS logs. Please see the configuration settings. Your help would be highly appreciated

============================================================

define ROOT C:\Program Files (x86)\nxlog

Moduledir %ROOT%\modules
CacheDir %ROOT%\data
Pidfile %ROOT%\data\nxlog.pid
SpoolDir %ROOT%\data
LogFile %ROOT%\data\nxlog.log

<Extension _syslog>
    Module      xm_syslog
</Extension>

<Input eventlog>
    Module      im_msvistalog
# For windows 2003 and earlier use the following:
#   Module      im_mseventlog
</Input>

<Extension w3c>
    Module    xm_csv
    Fields    $date, $time, $site, $dstip, $HTTPMethod, $URIStem, $URIQuery, $port, $username, $srcip, $UserAgent, $HTTPStatus, $SubStatus, $win32Status
    FieldTypes    string, string, string, string, string, string, string, string, string, string, string, string, string, string,
    Delimiter    ' '
</Extension>

<Input IIS_Log>
  Module    im_file
    File    "C:\WINDOWS\System32\LogFiles\W3SVC1\ex*"
    ReadFromLast TRUE
        #Drop info legend lines
        Exec    if $raw_event =~ /^#/ drop();\
        else\
        {\
            w3c->parse_csv();\
            $EventTime = parsedate($date + " " + $time);\
        }
</Input>

<Output out>
    Module      om_udp
    Host        X.X.X.X
    Port        514
    Exec        to_syslog_snare();
</Output>

<Route 1>
    Path        eventlog => out
</Route>

<Route 2>
    Path        IIS_Log => out
</Route