1
answer

ProcessID is always 4

Hi, I recently started using Nxlog with Windows event log.

I'm able to get events off of the Security log and onto my server, however, I've noticed something peculiar.

The value of the 'ProcessID' field is always 4, no matter what process is generating the event.

My nxlog.conf has the following sections:

<Extension json>
Module xm_json
</Extension>

AskedJanuary 18, 2016 - 6:03pm
1
answer

Clear Windows Eventlogs

Hi!

 

I'm new to nxlog and try to find a way to clear the Windows eventlogs during or after read/export with nxlog.

I've browsed through the manual, but can't find out how, is there a way to do this with a nxlog module/command?

Regards,

Mikael

 

AskedJanuary 18, 2016 - 1:24pm
1
answer

Testing nxlog to papertrail - Log header entries are logging with (date, external ip address, "logger:") Would like these headers to be (date, HOSTNAME of originator, Process originator) how can I change the header?

Hello - I am testing nxlog to send windows based syslogs to papertrail. The following code seems to produce the logs, however, the log header entries are logging with (date, external ip address, "logger:")  on each line. To be consistent with the other logs being collected, would like these headers to be (date, HOSTNAME of originator, Process originator) how can I change the header that nxlog is pushing out to papertrail?

AskedJanuary 11, 2016 - 4:43pm
1
answer

Dropped message count

Sorry for the activity, I hope this to be the last question - I've been playing with nxlog-ce for a week already.

How can I get a count of (unintentionally) dropped records? Something syslog-ng reports in "mark" messages... Do I have to create a buffer processor, drop the records "intentionally" in it and implement my own counter in script? Or does nxlog exhibit somehow its internal flow control stats?

Milan

AskedJanuary 10, 2016 - 7:24pm

Pages