Can you explain what exactly happens in this block?
I don't get a clear explanation of what "xEF\xBB\xBF" means in the below code and why it is having drop ()? .
<Exec>
if $raw_event =~ /^(\xEF\xBB\xBF)?(date-time,|#)/ drop();
else
{
csv_parser->parse_csv();
$EventTime = parsedate(${date-time});
}
</Exec>
Hi,
I would like to know the cost of enterprise edition.
Also, I would like to know whether we could use the purchased nxlog EE package in more than one server to collect logs?
Hi,
I'm using a CE where xm_w3c module is not available. So i'm getting below error:
2019-04-09 14:59:30 ERROR Failed to load module from C:\Program Files (x86)\nxlog\modules\extension\xm_w3c.dll, The specified module could not be found. ; The specified module could not be found.
2019-04-09 14:59:30 ERROR Invalid InputType 'w3c_parser' at C:\Program Files (x86)\nxlog\conf\nxlog.conf:94
Hi,
Im actually having an issue with my nxlog server. We are trying to send antivirus log from a McAfee EPO to my NX. The problem we facing is that when we try a connection test from EPO to NXLOG we get this message on our Nxlog server.
Is the scalability / performance of community vs enterprise edition any different?
We tried the community edition for WEC/WEF and it appears to be dropping logs at 2000 eps.
We're wondering if there are any configuration we should be aware of.
Moreover, please provide sizing recommendations:
> What eps can a single nxlog agent support for WEC/WEF collection?
