1
answer

Windows DNS Log 2008/2012

I am having an issue where I am outputing a DNS log from Windows Server and having NXLOG read it and ship it to a Logstash environment. My issue however is that after a period of time the log file disappears and is not created. I am assuming it is an issue with NXLog having a lock on the file and when windows rotates it, it fails and doesnt get created.

The DNS Event View Log shows:

AskedJanuary 22, 2015 - 1:56am
1
answer

Change Syslog Facility when reading/forwarding windows events.

Just installed nxlog to begin forwarding events to AlienVault, everything seems to be working so far with reading and forwarding events from the windows log using the im_msvistalog module.  One thing we would like to change to set the Syslog Facility before forwarding it AlienVault.  Have been unable to locate how to do so.

AskedJanuary 21, 2015 - 4:05pm
1
answer

Windows: Auto Start of nxlog service after the install

Hi,

 

I noticed the NXlog service is not started at the end of the install process. I would the service to start automatically at the end of the install of the MSI.

Our goal is:

- modify the conf file in the MSI file to have it ready out of the box.

- Deploy with GPO on all servers.

AskedJanuary 13, 2015 - 8:16am
1
answer

Inconsistent log sending from windows to graylog2

Hi,

 

We are using the community edition of nxlog 2.8.1248 on windows 2008 R2 server. We are having forwarding event log and IIS logs to graylog2.

This is the conf file is pasted below.

AskedJanuary 9, 2015 - 5:12pm

Pages