1 answer

How to capture print logs stored in Windows Eventlog

Hi,

I am Suresh. I have installed the nxlog agent on one of my Windows 2008 R2 print servers and it transfers Application, Security & System Eventlogs to the LogRhythm log collector.

My question is, will it also transfer the print logs (stored in Event Viewer -> Applications and Service Logs -> Microsoft -> Windows -> Print Service -> Operational) to my LogRhythm log collector?

or not?

Asked January 21, 2016 - 2:18pm

1 answer

KISS: beginner's problems with im_file and om_file

Hello nxlog world,

Ashamed to say, I spent all of yesterday trying to figure out how to read Windows DHCP log files and ship the events to ElasticSearch.

The problem was with using the direct path for the folder C:\Windows\System32\dhcp\. Managed to get nxlog to read by sharing the folders (read-only permissions) to the user account used for the nxlog service account logon.

Asked January 21, 2016 - 11:45am

1 answer

ProcessID is always 4

Hi, I recently started using Nxlog with Windows event log.

I'm able to get events off of the Security log and onto my server, however, I've noticed something peculiar.

The value of the 'ProcessID' field is always 4, no matter what process is generating the event.

My nxlog.conf has the following sections:

<Extension json>
Module xm_json
</Extension>

Asked January 18, 2016 - 6:03pm

1 answer

Clear Windows Eventlogs

Hi!

I'm new to nxlog and am trying to find a way to clear the Windows eventlogs during or after read/export with nxlog.

I've browsed through the manual, but can't find out how. Is there a way to do this with an nxlog module/command?

Regards,

Mikael

Asked January 18, 2016 - 1:24pm
