Declaring field types.

Hi everyone,

I've got a box running Kibana and Elasticsearch, with the information being handed across by fluentd.  It's all working pretty well, and I've moved on to pushing Windows events through - which is where I'm struggling.

I'm using nxlog on a Windows machine, and it's pushing the data directly to Elasticsearch - unfortunately I cannot for love nor money get the date to be handled as a date, rather than a string; the nxlog output is:

Asked November 19, 2015 - 10:22am

Collecting IIS Logs

I cannot seem to get NXLog to ship IIS Logs to LogAnalyzer.  It is collecting Event logs perfectly.  I have commented out all event logs in an attempt to isolate just IIS flow and there is nothing.

Asked November 3, 2015 - 3:31pm

Can NXLOG event correlator buffer/retain messages in memory

Can event correlation be used with a trigger such that when an event matches it collects subsequent events if all come in within a specific time frame (say within 30 seconds from the first event) and write those or send via email?

We currently have such functionality out of Perl-based "SEC" but are trying to migrate to NXLOG.



Asked October 27, 2015 - 6:02pm

PM_buffer module


Is there a garbage collector service, when using the pm_buffer to disk, so that the buffer file on disk is emptied? If yes, how often is this run, and can it be configured?


Asked October 26, 2015 - 12:21pm