1
answer
answer
egor_bely
SMB shared files
Hello!
How can i get logs from shared folder by domain user?
Should i start nxlog service under this user or there is another way?
0
answers
answers
chauchard
Nxlog CE vs EE
Hi everybody,
I would like to centralize sysmon events from endpoints using WEF and then forward "forwarded events" from collector server to graylog. Can i do it using Community edition of Nxlog ?
If yes,
- can i concerve originated enpoint source ?
- which format does i need to use (SYSLOG or GELF) ?
Thanks
1
answer
answer
feujj
Windows logs can'
Hello,
I parameterized as seen in the examples the nxlog configuration file for the logs of my Windows 2016 servers, but when I restart the services with them. In the nxlog files I find this:
nxlog failed to start: Expected </Extension_gelf> but saw </Extension> at C:\Program Files (x86)\nxlog\conf\nxlog.conf:48
nxlog failed to start: Expected </Extension_gelf> but saw </Extension> at C:\Program Files (x86)\nxlog\conf\nxlog.conf:48
1
answer
answer
juju43
Nxlog windows binaries properties/metadata
Hello,
When using sysmon and nxlog, nxlog.exe is triggering alerts for suspicious file characteristics from sigma
https://github.com/Neo23x0/sigma/blob/master/rules/windows/sysmon/sysmon_susp_file_characteristics.yml
nxlog.exe binary (others?) have missing properties fields like product, fileversion, company, description.
1
answer
answer
phg98
My app gets CFileException::sharingViolation when nxlog is running
Hi,
My app runs on Windows and it writes log to the file a.log.
When I run NXLog to watch this file (to send log to the server), My app gets CFileException::sharingViolation trying to write log to a.log file.
It does not happen always, but when the log is big sometimes it happens and my app can not write log to a.log file.