No SSL data sent (om_ssl) from Windows NXlog to Linux ELK


Having an issue with using om_ssl from a Windows NXlog client to a Linux ELK server.

The issue lies with the encryption part, the connection is established on the associated destination SSL port I set but no SSL traffic can be see/captured.

For information here is the logstash config and the NXlog config, I believe the issue lies with the certs.

AskedFebruary 19, 2015 - 10:46pm

om_ssl with GELF - GELF over TCP/TLS support

Hello, is there any chance that nxlog supports Output om_ssl with OutputType GELF?
As descriped here https://www.mail-archive.com/nxlog-ce-users@lists.sourceforge.net/msg00397.html
currently NXLog only supports GELF via om_udp .

It would be great, because Graylog now (19. February 2015) supports TLS for all standard TCP and AMQP inputs.

AskedFebruary 19, 2015 - 6:06pm

Windows 8.1 and corrupted event log ?

I am getting an error message to nxlog.log.
2015-02-17 08:16:23 INFO nxlog-ce-2.8.1248 started
2015-02-17 08:16:35 ERROR Couldn't read next event, corrupted eventlog?; The data is invalid.
And after this error no more events or log messages are generated.
However I can read event log with event viewer and I can see new events.
These are messages in my graylog2:

AskedFebruary 17, 2015 - 7:51am

Write to message queues


I would like to write logs out to a message queue such as kafka or redis or rabbitmq etc. Is there a road map for that? Alternately would a workaround such as writing out in JSON format to a om_tcp destination work?

Can I also track the state of a tcp connection and send output to an alternate destination? I could write an external shell that would track the nxlog.log for "connection lost/made" and decision off that but I suspect that would be very expensive.

AskedFebruary 13, 2015 - 3:50pm

Log detail being dropped

Hi everyone,

We have an internal application on a windows box which logs in a way which is slightly mangled. All other windows logs come through nxlog but on these messages the entire message field gets dropped.

Is there a way to parse using ifs? eg:

if $service == "Homegrown app" {


So that I can either change the output format or parse them untouched into a file etc...

AskedFebruary 13, 2015 - 10:23am