Community Forum

Post a question
1
answer

NXLog CE - High CPU Usage

Over the past couple weeks we've noticed high CPU usage on the nxlog service of up to 40%, average is around 25%. As a resolution, we have been stopping the nxlog service as well as the sysmon service, then starting them back up, and after about 10 minutes it finally drops back down to the normal cpu usage.

We are using nxlog CE 2.10.2102 - has anyone else seen this issue?

Will updating to the most current version resolve the issue?

I appreciate any feedback/input!

AskedMay 30, 2019 - 12:04am
1
answer

NPS Logs

Hi All,

AskedMay 24, 2019 - 11:07am
1
answer

im_msvistalog on Windows not resolving GUID for EventID:4624

Hi, is it possibe to resolve GUIDS in EventID:4624
Saw an other post from last year talking about it would be implemented i EE and after that CE.
We currently running ce version and the option for ResolveSID dont work.
Does anyone have a solution for this or a workaround as it looks ok in the Eventviewer where it's resolved correctly.
We currently run nxlog-ce-2.9.1716.

AskedMay 22, 2019 - 8:15am
1
answer

Windows sending logs to qradar

I'm on an enterprise edition trial, we've current got logs being pushed into a time series database using fluentd but I'm also wanting to push the logs into IBM QRadar, but I'm struggling.

Has anyone achieved this? Any assistance with config would be perfect.

Thanks in advance.

AskedMay 20, 2019 - 2:55pm
1
answer

urldecode procedure?

There are many convenient string functions and procedures in the nxlog language, but I did not see one for urldecode. I have some data flowing through the web logs that the client is encoding, and it would be useful to have nxlog decode it. For example, something like:

    $data = urldecode("%61%6a%61%78%5f%66%6f%72%6d");   # $data = "ajax_form"

In addition to requesting that functionality, is there any workarounds you could suggest?

AskedMay 17, 2019 - 5:44pm

Pages