1
answer

Specific windows event 1102 not getting UserData

Hi,

We have the following configuration for event id 1102 (eventlog cleared):

<Input clearev>
    Module      im_msvistalog
 Query   <QueryList>\
    <Query Id="3">\
     <Select Path="Security">*[System[(EventID=1102)]]</Select>\
           </Query>\
           </QueryList>
 Exec delete($Message);

AskedFebruary 29, 2016 - 10:45am
0
answers

Log on papertrailapp from Windows 10

I have change the conf file like said in the papertrailapp but i don't receive any log from Windows 10. I have stop and start the service but nothing is received.

AskedFebruary 28, 2016 - 7:27pm
1
answer

Filter out all messages, but the ones we want

Hello,

I have a config that I thought would work, but it does not.  I would like to have the syslog service only send specific messages it finds in the log file and ignore all other and not send them to the syslog server.  Her is the config I currently have, but it seems to be sending everything.  Any help would be great.

<Input watchfile_m_LOGFILENAME>

AskedFebruary 23, 2016 - 6:03pm
1
answer

Detection of broken connection with syslog host

Hi Guys

I am using NXLog CE for sending logs to syslog host. My output definition is as follows.

<Output out_WebAdmin>
 Module om_tcp
 Host 10.51.4.38
 Port 5544
 Exec to_syslog_bsd();
</Output>

AskedFebruary 20, 2016 - 8:49am

Pages