Nxlog module


I am making a rule which detects when multiple ICMP responses are being made from the same IP in which there are different IPs.


The problem that I have is that it doesn't write to the output with raw_event and file_write. In file_write I put the "otro" file.

Do you know what it can be?




File nxlog.conf:

Asked May 13, 2016 - 9:39pm

NXlog Implementation

Hi all! I'm new and would really appreciate any assistance/feedback on implementation... I'm trying to implement Audit Reduction in my environment, which includes (4) Windows 7 boxes, (2) RHEL 7 boxes (SYSLOG) and (1) RHEL 6 box (SYSLOG)... We have all the logs writing to one of the Windows 7 workstations. The logs need to be manually pulled off and put in another location.

Asked May 11, 2016 - 8:20pm

How to delete input files after reading ?

Hi Everyone,
New forum user, so sorry if I do not respect some usage rules… and I’m French by the way, so sorry about my bad English level too… ;-)
I use Nxlog in the following context:
Machine A periodically sends a file to machine B (same file name)
Machine B is used as a first level of log centralization. Nxlog is installed on it
Then, Nxlog sends logs to Machine C, which hosts Logstash

Asked May 11, 2016 - 3:19pm

NxLog marked as virus

Hi there,


Has any of you encountered this virus warning? The scan was done using TrendMicro HouseCall.


Is my nxlog infected? Thanks for your help

Asked May 10, 2016 - 7:54am