We are currently using nxlog to send Windows logs to QRadar SIEM utsing TLS.
It works fine, but I receive extra lines in QRadar. I receive empty logs (containing Cg== on base 64, which seems to be a carriage return or a line break).
The problem appears only when using module om_ssl, not whith om_tcp or om_udp. We tried to remove line break or carriage return using nxlog configuration, but we still have the behaviour.