Hi Folks, I have following nxlog.conf which works fine. define ROOT C:\Program Files (x86)\nxlog Moduledir %ROOT%\modules CacheDir %ROOT%\data Pidfile %ROOT%\data\nxlog.pid SpoolDir %ROOT%\data LogFile %ROOT%\data\nxlog.log LogLevel INFO Module xm_fileop When @daily Exec file_cycle('%ROOT%\data\nxlog.log', 7); Module pm_buffer Type Mem MaxSize 16384 Module xm_gelf # Avoid truncation of the short_message field to 64 characters. ShortMessageLength 65536 Module xm_multiline HeaderLine /^\d+\/\d\d\/\d\d\d\d+\s\d+:\d\d:\d\d+\s+[A-Z]+/ Module im_file File 'C:\DNSLogs\DNSIN.log' # SavePos TRUE ReadFromLast FALSE InputType multiline Module om_file File 'C:\DNSLogs\DNSOUT.log' #Exec $raw_event = "-------------------------------------\n" + $raw_event; Path filein => process-buffer => fileout Now, I am trying to send the data to our log collector GrayLog & added output & route define ROOT C:\Program Files (x86)\nxlog Moduledir %ROOT%\modules CacheDir %ROOT%\data Pidfile %ROOT%\data\nxlog.pid SpoolDir %ROOT%\data LogFile %ROOT%\data\nxlog.log LogLevel INFO Module xm_fileop When @daily Exec file_cycle('%ROOT%\data\nxlog.log', 7); Module pm_buffer Type Mem MaxSize 16384 Module xm_gelf # Avoid truncation of the short_message field to 64 characters. ShortMessageLength 65536 Module xm_multiline HeaderLine /^\d+\/\d\d\/\d\d\d\d+\s\d+:\d\d:\d\d+\s+[A-Z]+/ Module im_file File 'C:\DNSLogs\MGTDCP03_DN.log' # SavePos TRUE ReadFromLast FALSE InputType multiline Module om_file File 'C:\DNSLogs\MGTDCP03_DNSOUT-2.log' #Exec $raw_event = "-------------------------------------\n" + $raw_event; Path filein => process-buffer => fileout Module om_tcp Host 172.17.1.87 Port 5044 OutputType GELF_TCP $gl2_source_collector = '${sidecar.nodeId}'; $collector_node_id = '${sidecar.nodeName}'; Path filein => process-buffer => gelf However, I start getting error msgs in nxlog.log. I have tried some troubleshooting steps but so far I am not able to get around the problem. Appreciate if you can help me resolve this issue. 2020-05-15 05:43:17 WARNING stopping nxlog service 2020-05-15 05:43:17 WARNING nxlog-ce received a termination request signal, exiting... 2020-05-15 05:43:18 INFO nxlog-ce-2.10.2150 started nxlog failed to start: Couldn't parse Exec block at C:\Program Files\Graylog\sidecar\generated\nxlog.conf:58 couldn't parse statement at line 59, character 67 in C:\Program Files\Graylog\sidecar\generated\nxlog.conf invalid character: ' ' (0xd) 2020-05-15 05:44:17 ERROR Couldn't parse Exec block at C:\Program Files\Graylog\sidecar\generated\nxlog.conf:58; couldn't parse statement at line 59, character 67 in C:\Program Files\Graylog\sidecar\generated\nxlog.conf; invalid character: ';' (0xd) 2020-05-15 05:44:17 WARNING stopping nxlog service 2020-05-15 05:44:17 WARNING nxlog-ce received a termination request signal, exiting... 2020-05-15 05:44:18 ERROR Couldn't parse Exec block at C:\Program Files\Graylog\sidecar\generated\nxlog.conf:58; couldn't parse statement at line 59, character 67 in C:\Program Files\Graylog\sidecar\generated\nxlog.conf; invalid character: ';' (0xd) 2020-05-15 05:44:18 ERROR cannot add processor module 'process-buffer' to route 'to_graylog' because it is already added to route 'parse_multiline', you should define another instance at C:\Program Files\Graylog\sidecar\generated\nxlog.conf:65 2020-05-15 05:44:18 ERROR module 'gelf' has configuration errors, not adding to route 'to_graylog' at C:\Program Files\Graylog\sidecar\generated\nxlog.conf:65 2020-05-15 05:44:18 ERROR route to_graylog is not functional without output modules, ignored at C:\Program Files\Graylog\sidecar\generated\nxlog.conf:65 2020-05-15 05:44:18 WARNING not starting unused module gelf 2020-05-15 05:44:18 INFO nxlog-ce-2.10.2150 started