I have setup with RHEL 7.9 (kernel  3.10.0-1160.108.1.el7.x86_64) / NXLog CE 3.2.2329 / Postgresql 15 vanilla / libdbi 8.4 with configuration:User nxlog Group nxlog include /etc/nxlog/nxlog.d/*.conf LogFile /var/log/nxlog/nxlog.log LogLevel DEBUG <Extension charconv> Module xm_charconv </Extension> <Input sqlite3_dbi> Module im_dbi SQL SELECT * FROM vw_tp_message Driver sqlite3 Option dbname term_refdata.db Option sqlite3_dbdir /app/data/monitoring Option sqlite3_timeout 1000 PollInterval 5 SavePos TRUE </Input> <Output postgres_dbi> Module om_dbi SQL INSERT INTO msglog.msglog (facility, severity, hostname, timestamp, application, message) VALUES ($SyslogFacility, $SyslogSeverity, $Hostname, '$EventTime', $SourceName, $Message) Driver pgsql Option host /var/run/postgresql Option username srv_nxlog Option dbname MSGLog Exec $Message = convert($Message, "windows-1251", "utf-8"); </Output> <Route sqlite_postgres> Path sqlite3_dbi => postgres_dbi </Route>There are only 2 records in sqlite database:$ sqlite3 -header /app/data/monitoring/term_refdata.db 'select * from vw_tp_message' id|SyslogFacility|SyslogSeverity|Hostname|EventTime|SourceName|Message 1293441|USER|INFO|SERVER1-D1-CL|2024-09-12 00:18:22.540|tp_msg|Some text in Windows1251 encoding 1293442|USER|INFO|SERVER1-D1-CL|2024-09-12 00:41:04.677|tp_msg|Another text in Windows1251 encodingAnd this is what I get in nxlog.log:... 2024-09-12 16:54:59 DEBUG logdata missing or undef 'EventTime', setting to NULL 2024-09-12 16:54:59 DEBUG om_dbi SQL: INSERT INTO msglog.msglog (facility, severity, hostname, timestamp, application, message) VALUES ('USER', 'INFO', 'SERVER1-D1-CL', 'NULL', 'tp_msg', 'Some text in Windows1251 encoding') 2024-09-12 16:54:59 ERROR [om_dbi.c:256/om_dbi_write()] -;[om_dbi.c:85/om_dbi_error()] om_dbi failed to execute SQL statement "INSERT INTO msglog.msglog (facility, severity, hostname, timestamp, application, message) VALUES ('USER', 'INFO', 'SERVER1-D1-CL', 'NULL', 'tp_msg', 'Some text in Windows1251 encoding')". ERROR: invalid input syntax for type timestamp: "NULL";LINE 1: ... VALUES ('USER', 'INFO', 'SERVER1-D1-CL', 'NULL', 't...; ^;[errorcode: 0] ... 2024-09-12 16:54:59 DEBUG logdata missing or undef 'EventTime', setting to NULL 2024-09-12 16:54:59 DEBUG om_dbi SQL: INSERT INTO msglog.msglog (facility, severity, hostname, timestamp, application, message) VALUES ('USER', 'INFO', 'SERVER1-D1-CL', 'NULL', 'tp_msg', 'Р?нициализация СЏРґСЂР° после перезапуска') 2024-09-12 16:54:59 ERROR [om_dbi.c:256/om_dbi_write()] -;[om_dbi.c:85/om_dbi_error()] om_dbi failed to execute SQL statement "INSERT INTO msglog.msglog (facility, severity, hostname, timestamp, application, message) VALUES ('USER', 'INFO', 'SERVER1-D1-CL', 'NULL', 'tp_msg', 'Р?нициализация СЏРґСЂР° после перезапуска')". ERROR: invalid input syntax for type timestamp: "NULL";LINE 1: ... VALUES ('USER', 'INFO', 'ABACUS-D1-CL', 'NULL', 't...; ^;[errorcode: 0] ... 2024-09-12 16:54:59 ERROR [expr.c:189/nx_expr_statement_execute()] assignment failed at line 61, character 70 in /etc/nxlog/nxlog.conf. statement execution has been aborted;[expr.c:90/nx_expr_statement_assignment_execute()] -;[expr.c:509/nx_expr_evaluate()] function 'convert' failed at line 61, character 69 in /etc/nxlog/nxlog.conf. expression evaluation has been aborted;[expr.c:279/nx_expr_eval_func()] -;[xm_charconv_funcproc_cb.c:283/nx_expr_func__convert()] -;[str.c:106/_nx_string_new_size()] oversized string (1688710), limit is 1048576 bytes 2024-09-12 16:54:59 DEBUG logdata missing or undef 'EventTime', setting to NULL 2024-09-12 16:54:59 DEBUG om_dbi SQL: INSERT INTO msglog.msglog (facility, severity, hostname, timestamp, application, message) VALUES ('USER', 'INFO', 'SERVER1-D1-CL', 'NULL', 'tp_msg', 'Р В Р’В РВ<C2> 2024-09-12 16:54:59 ERROR [om_dbi.c:256/om_dbi_write()] -;[om_dbi.c:85/om_dbi_error()] om_dbi failed to execute SQL statement "INSERT INTO msglog.msglog (facility, severity, hostname, timestamp, application, message) VALUES ('USER', 'INFO', 'SERVER1-D1-CL', 'NULL', 'tp_msg', 'Р В Р’ВРР<E2><80> ...As you can see, logdata variable $EventTime just disappear and $Message get corrupted after some retries (note: om_dbi retries crazy fast - about 50000 time every few seconds). If I change om_dbi to simple om_file then all works fine. Another note: this configuration worked fine some time since initial setup, but now error appear every time (maybe postgresql query time affects it?)  

Please give me some advice. When I used nxlog to receive DHCP server logs, I found that the logs were missing and the nxlog logs showed error messages. INFO inode changed for 'E:\DHCP\DhcpSrvLog-Fri.log' (56→56): reopening possibly rotated file  

We currently have NXLog running on Windows 2019 with the file integrity module that monitors files in sub directories under a main directly.  I.E.  Say we have about 20 subdirectories for files under a directory called c:\code. If any file is changed/deleted/added under that directory, an alert message is sent out via the OM_UDP module to our siem. The problem I am looking to resolve, is that I will be copying over about 10 new directories with hundreds of files in each directory, and I don't want NXLog to generate hundreds of alerts because it found new files and directories.  Is there a way to “reset” or “refresh” the baseline after the new files/folders are copied over so it will know those files should be there?

Is there any ETA on Debian 12 support for NXLog Community Edition?

I havent been able to download the files for any of the community edition agents. https://nxlog.co/downloads/nxlog-ce#nxlog-community-edition , select the OS version and click Download.  5 sec later I get a pop up stating “Undefined”.  I have tried on different Browsers, platforms, and workstations and there is no change in the behavior.

Hi,Could you please advise on how to replace the NXLog-Manager's self-signed certificate for the HTTPS console?The steps in the following article do not apply to version 5.7.5:https://docs.nxlog.co/manager/current/installation/https.htmlPlease help. Thanks.Regards, Billy

I'm trying to integrate with LDAPS and do have some issue. I'm using the below document and below is the command to import LDAPS certificate into the cacerts keystore. keytool -keystore <PATH_TO_JRE>/lib/security/cacerts -import -alias \ certificate -file <PATH_TO_CERTIFICATE>/certificate.cerWhen i try to import the certificate and they are asking for the keystore password. I assume this keystore was created during installation not sure what is the password.Need to check whether anyone know what is the keystore password?https://docs.nxlog.co/manager/current/users/index.html

Greetings! I have a vulnerability in jQuery to be addressed in the nxlog manager v5 (5.5.5398). This is related to XSS vulnerabilities from the version of jQuery installed (1.8.3, 1.9.2 ui) . Will upgrading Manager to 5.6.5633 resolve the issue and update jQuery to 3.5.0+ ? If not, please can you provide steps to update jQuery manually? Thanks! Shyam (on behalf of Shashidhar Ghiliyal)

Hi,sorry, just added config an logs….We have some installations of NXLOG in Version 3.2.2339. This works fine, but every 5 to 10 minutes we find exactly 50 events showing a crash of nxlog.exe in module im_msvistalog.Problem signature: P1: nxlog.exe P2: 0.0.0.0 P3: 643951bd P4: im_msvistalog.dll P5: 0.0.0.0 P6: 643951bd P7: c0000005 P8: 00000000000045b2 P9: P10:  Any suggestions how to fix that?Thanks & Best regards, Thilo nxlog.cfg:define ROOT C:\Program Files\nxlog define CERTDIR %ROOT%\cert define CONFDIR %ROOT%\conf define LOGDIR %ROOT%\data define LOGFILE %LOGDIR%\nxlog.log LogFile %LOGFILE% Moduledir %ROOT%\modules CacheDir %ROOT%\data Pidfile %ROOT%\data\nxlog.pid SpoolDir %ROOT%\data <Extension gelf> Module xm_gelf </Extension> <Input eventlog> Module im_msvistalog Query <QueryList> <Query Id="0"> <Select Path="Application"></Select> <Select Path="System"></Select> <Select Path="Security"></Select> <Select Path="Microsoft-Windows-Windows Defender/Operational"></Select> </Query> </QueryList> </Input> <Output tcp> Module om_tcp Host graylog.xxxx.yyyy Port 12202 OutputType GELF_TCP Exec $Hostname = 'hostXYZ.xxxx.yyyy'; </Output> <Route eventlog_to_udp> Path eventlog => tcp </Route>Crash-Event:Debug-Log atTime of Event (19:46:37)2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 1 processing event 0xa201b610 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG worker 0 got signal for new job 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG worker 0 got no event to process 2024-02-14 19:46:37 DEBUG worker 0 waiting for new event 2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 2 got signal for new job 2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa201b840 2024-02-14 19:46:37 DEBUG worker 1 waiting for new event 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d49f0 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG worker 0 got signal for new job 2024-02-14 19:46:37 DEBUG worker 0 got no event to process 2024-02-14 19:46:37 DEBUG worker 0 waiting for new event 2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 1 got signal for new job 2024-02-14 19:46:37 DEBUG worker 1 processing event 0xa23d48b0 2024-02-14 19:46:37 DEBUG worker 2 waiting for new event 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 0 got signal for new job 2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b5c0 2024-02-14 19:46:37 DEBUG worker 1 waiting for new event 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 2 got signal for new job 2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa201b7a0 2024-02-14 19:46:37 DEBUG worker 0 waiting for new event 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 1 got signal for new job 2024-02-14 19:46:37 DEBUG worker 1 processing event 0xa23d47c0 2024-02-14 19:46:37 DEBUG worker 2 waiting for new event 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 1 processing event 0xa201b5c0 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG worker 0 got signal for new job 2024-02-14 19:46:37 DEBUG worker 0 got no event to process 2024-02-14 19:46:37 DEBUG worker 0 waiting for new event 2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 2 got signal for new job 2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa201b890 2024-02-14 19:46:37 DEBUG worker 1 waiting for new event 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 0 got signal for new job 2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa23d49a0 2024-02-14 19:46:37 DEBUG worker 2 waiting for new event 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 1 got signal for new job 2024-02-14 19:46:37 DEBUG worker 1 processing event 0xa23d47c0 2024-02-14 19:46:37 DEBUG worker 0 waiting for new event 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 2 got signal for new job 2024-02-14 19:46:37 DEBUG worker 1 waiting for new event 2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa201b5c0 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 0 got signal for new job 2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa23d4a40 2024-02-14 19:46:37 DEBUG worker 2 waiting for new event 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG new event in event_thread [eventlog:READ] 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: READ (eventlog) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG no events or no future events, event thread sleeping in condwait 2024-02-14 19:46:37 DEBUG worker 1 got signal for new job 2024-02-14 19:46:37 DEBUG worker 1 processing event 0xa201b570 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: READ (eventlog) 2024-02-14 19:46:37 DEBUG im_msvistalog checking for new events... 2024-02-14 19:46:37 DEBUG im_msvistalog read 21 events 2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 2 got signal for new job 2024-02-14 19:46:37 DEBUG worker 2 got no event to process 2024-02-14 19:46:37 DEBUG worker 2 waiting for new event 2024-02-14 19:46:37 DEBUG [tcp] apr_pollset_poll was interrupted 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 2 got signal for new job 2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d4a90 2024-02-14 19:46:37 DEBUG worker 0 waiting for new event 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG om_tcp_write 2024-02-14 19:46:37 DEBUG add socket [21] 2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21] 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 0 got signal for new job 2024-02-14 19:46:37 DEBUG worker 0 got no event to process 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG executing statements 2024-02-14 19:46:37 DEBUG worker 0 waiting for new event 2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34 2024-02-14 19:46:37 DEBUG om_tcp sent 1292 bytes 2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0 2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa201b840 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 0 got signal for new job 2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b7a0 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG worker 2 waiting for new event 2024-02-14 19:46:37 DEBUG om_tcp_write 2024-02-14 19:46:37 DEBUG add socket [21] 2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21] 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 2 got signal for new job 2024-02-14 19:46:37 DEBUG worker 2 got no event to process 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG executing statements 2024-02-14 19:46:37 DEBUG worker 2 waiting for new event 2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34 2024-02-14 19:46:37 DEBUG om_tcp sent 1449 bytes 2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0 2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b7f0 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 2 got signal for new job 2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d4770 2024-02-14 19:46:37 DEBUG worker 0 waiting for new event 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG om_tcp_write 2024-02-14 19:46:37 DEBUG add socket [21] 2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21] 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 0 got signal for new job 2024-02-14 19:46:37 DEBUG worker 0 got no event to process 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG executing statements 2024-02-14 19:46:37 DEBUG worker 0 waiting for new event 2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34 2024-02-14 19:46:37 DEBUG om_tcp sent 1292 bytes 2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0 2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d4900 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 0 got signal for new job 2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b7a0 2024-02-14 19:46:37 DEBUG worker 2 waiting for new event 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG om_tcp_write 2024-02-14 19:46:37 DEBUG add socket [21] 2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21] 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 2 got signal for new job 2024-02-14 19:46:37 DEBUG worker 2 got no event to process 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG executing statements 2024-02-14 19:46:37 DEBUG worker 2 waiting for new event 2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34 2024-02-14 19:46:37 DEBUG om_tcp sent 1292 bytes 2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1 2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG executing statements 2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34 2024-02-14 19:46:37 DEBUG om_tcp sent 1292 bytes 2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b5c0 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 2 got signal for new job 2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d4810 2024-02-14 19:46:37 DEBUG worker 0 waiting for new event 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG om_tcp_write 2024-02-14 19:46:37 DEBUG add socket [21] 2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0 2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21] 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 0 got signal for new job 2024-02-14 19:46:37 DEBUG worker 0 got no event to process 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG worker 0 waiting for new event 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG executing statements 2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34 2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 1 2024-02-14 19:46:37 DEBUG om_tcp sent 1292 bytes 2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 2 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG executing statements 2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34 2024-02-14 19:46:37 DEBUG om_tcp sent 1292 bytes 2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d4860 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0 2024-02-14 19:46:37 DEBUG worker 0 got signal for new job 2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b610 2024-02-14 19:46:37 DEBUG worker 2 waiting for new event 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG om_tcp_write 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG add socket [21] 2024-02-14 19:46:37 DEBUG worker 2 got signal for new job 2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21] 2024-02-14 19:46:37 DEBUG worker 2 got no event to process 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0) 2024-02-14 19:46:37 DEBUG worker 2 waiting for new event 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG executing statements 2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34 2024-02-14 19:46:37 DEBUG om_tcp sent 1292 bytes 2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b660 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 2 got signal for new job 2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d4950 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG worker 0 waiting for new event 2024-02-14 19:46:37 DEBUG om_tcp_write 2024-02-14 19:46:37 DEBUG add socket [21] 2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21] 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa201b610 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 0 got signal for new job 2024-02-14 19:46:37 DEBUG worker 0 got no event to process 2024-02-14 19:46:37 DEBUG worker 0 waiting for new event 2024-02-14 19:46:37 DEBUG [tcp] apr_pollset_poll was interrupted 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 0 got signal for new job 2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b5c0 2024-02-14 19:46:37 DEBUG worker 2 waiting for new event 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG om_tcp_write 2024-02-14 19:46:37 DEBUG add socket [21] 2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21] 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 2 got signal for new job 2024-02-14 19:46:37 DEBUG worker 2 got no event to process 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG executing statements 2024-02-14 19:46:37 DEBUG worker 2 waiting for new event 2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34 2024-02-14 19:46:37 DEBUG om_tcp sent 1292 bytes 2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0 2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa23d47c0 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 2 got signal for new job 2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d4900 2024-02-14 19:46:37 DEBUG worker 0 waiting for new event 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG om_tcp_write 2024-02-14 19:46:37 DEBUG add socket [21] 2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21] 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 0 got signal for new job 2024-02-14 19:46:37 DEBUG worker 0 got no event to process 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG executing statements 2024-02-14 19:46:37 DEBUG worker 0 waiting for new event 2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34 2024-02-14 19:46:37 DEBUG om_tcp sent 1479 bytes 2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1 2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG executing statements 2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34 2024-02-14 19:46:37 DEBUG om_tcp sent 1292 bytes 2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d4810 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 0 got signal for new job 2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b700 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG om_tcp_write 2024-02-14 19:46:37 DEBUG worker 2 waiting for new event 2024-02-14 19:46:37 DEBUG add socket [21] 2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21] 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG executing statements 2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34 2024-02-14 19:46:37 DEBUG om_tcp sent 1883 bytes 2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b840 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 2 got signal for new job 2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0 2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d49f0 2024-02-14 19:46:37 DEBUG worker 0 waiting for new event 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG om_tcp_write 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG add socket [21] 2024-02-14 19:46:37 DEBUG worker 0 got signal for new job 2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21] 2024-02-14 19:46:37 DEBUG worker 0 got no event to process 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0) 2024-02-14 19:46:37 DEBUG worker 0 waiting for new event 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG executing statements 2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34 2024-02-14 19:46:37 DEBUG om_tcp sent 1843 bytes 2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d47c0 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 0 got signal for new job 2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b7a0 2024-02-14 19:46:37 DEBUG worker 2 waiting for new event 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG om_tcp_write 2024-02-14 19:46:37 DEBUG add socket [21] 2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0 2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21] 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 2 got signal for new job 2024-02-14 19:46:37 DEBUG worker 2 got no event to process 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG worker 2 waiting for new event 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG executing statements 2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34 2024-02-14 19:46:37 DEBUG om_tcp sent 2011 bytes 2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa23d4770 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 2 got signal for new job 2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa201b5c0 2024-02-14 19:46:37 DEBUG worker 0 waiting for new event 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0 2024-02-14 19:46:37 DEBUG om_tcp_write 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG add socket [21] 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21] 2024-02-14 19:46:37 DEBUG worker 0 got signal for new job 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0) 2024-02-14 19:46:37 DEBUG worker 0 got no event to process 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG worker 0 waiting for new event 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG executing statements 2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34 2024-02-14 19:46:37 DEBUG om_tcp sent 2019 bytes 2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa201b660 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 0 got signal for new job 2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa23d4900 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG om_tcp_write 2024-02-14 19:46:37 DEBUG worker 2 waiting for new event 2024-02-14 19:46:37 DEBUG add socket [21] 2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21] 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG executing statements 2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34 2024-02-14 19:46:37 DEBUG om_tcp sent 1769 bytes 2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b890 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 2 got signal for new job 2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0 2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d4a90 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG worker 0 waiting for new event 2024-02-14 19:46:37 DEBUG om_tcp_write 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG add socket [21] 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21] 2024-02-14 19:46:37 DEBUG worker 0 got signal for new job 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0) 2024-02-14 19:46:37 DEBUG worker 0 got no event to process 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG worker 0 waiting for new event 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG executing statements 2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34 2024-02-14 19:46:37 DEBUG om_tcp sent 1800 bytes 2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d48b0 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 0 got signal for new job 2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b5c0 2024-02-14 19:46:37 DEBUG worker 2 waiting for new event 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG om_tcp_write 2024-02-14 19:46:37 DEBUG add socket [21] 2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21] 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa23d4a40 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 2 got signal for new job 2024-02-14 19:46:37 DEBUG worker 2 got no event to process 2024-02-14 19:46:37 DEBUG [tcp] apr_pollset_poll was interrupted 2024-02-14 19:46:37 DEBUG worker 2 waiting for new event 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 2 got signal for new job 2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d49a0 2024-02-14 19:46:37 DEBUG worker 0 waiting for new event 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG om_tcp_write 2024-02-14 19:46:37 DEBUG add socket [21] 2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21] 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 0 got signal for new job 2024-02-14 19:46:37 DEBUG worker 0 got no event to process 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG executing statements 2024-02-14 19:46:37 DEBUG worker 0 waiting for new event 2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34 2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 1 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG om_tcp sent 8161 bytes 2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 2 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG executing statements 2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34 2024-02-14 19:46:37 DEBUG om_tcp sent 1843 bytes 2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa201b610 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 0 got signal for new job 2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa23d4950 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG worker 2 waiting for new event 2024-02-14 19:46:37 DEBUG om_tcp_write 2024-02-14 19:46:37 DEBUG add socket [21] 2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0 2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21] 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 2 got signal for new job 2024-02-14 19:46:37 DEBUG worker 2 got no event to process 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG worker 2 waiting for new event 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG executing statements 2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34 2024-02-14 19:46:37 DEBUG om_tcp sent 2025 bytes 2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa23d47c0 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 2 got signal for new job 2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa201b840 2024-02-14 19:46:37 DEBUG worker 0 waiting for new event 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG om_tcp_write 2024-02-14 19:46:37 DEBUG add socket [21] 2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21] 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa201b610 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 0 got signal for new job 2024-02-14 19:46:37 DEBUG worker 0 got no event to process 2024-02-14 19:46:37 DEBUG worker 0 waiting for new event 2024-02-14 19:46:37 DEBUG [tcp] apr_pollset_poll was interrupted 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 1 processing event 0xa23d03f0 2024-02-14 19:46:37 DEBUG worker 0 got signal for new job 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG om_tcp_write 2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b750 2024-02-14 19:46:37 DEBUG add socket [21] 2024-02-14 19:46:37 DEBUG worker 2 waiting for new event 2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21] 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0) 2024-02-14 19:46:37 DEBUG RESUME: eventlog 2024-02-14 19:46:37 DEBUG new event in event_thread [eventlog:READ] 2024-02-14 19:46:37 DEBUG module eventlog already running, skipping resume 2024-02-14 19:46:37 DEBUG future event, event thread sleeping 1000000ms in cond_timedwait 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 0 waiting for new event 2024-02-14 19:46:37 DEBUG worker 2 got signal for new job 2024-02-14 19:46:37 DEBUG worker 2 got no event to process 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG executing statements 2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d0580 2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34 2024-02-14 19:46:37 DEBUG worker 0 got signal for new job 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG worker 0 got no event to process 2024-02-14 19:46:37 DEBUG RESUME: eventlog 2024-02-14 19:46:37 DEBUG worker 0 waiting for new event 2024-02-14 19:46:37 DEBUG module eventlog already running, skipping resume 2024-02-14 19:46:37 DEBUG worker 2 waiting for new event 2024-02-14 19:46:37 DEBUG om_tcp sent 1985 bytes 2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 0 got signal for new job 2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa23d04e0 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG RESUME: eventlog 2024-02-14 19:46:37 DEBUG module eventlog already running, skipping resume 2024-02-14 19:46:37 DEBUG worker 0 waiting for new event 2024-02-14 19:46:37 DEBUG worker 1 processing event 0xa201b7f0 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 2 got signal for new job 2024-02-14 19:46:37 DEBUG worker 2 got no event to process 2024-02-14 19:46:37 DEBUG worker 2 waiting for new event 2024-02-14 19:46:37 DEBUG worker 1 processing event 0xa23d0490 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp) 2024-02-14 19:46:37 DEBUG om_tcp_write 2024-02-14 19:46:37 DEBUG add socket [21] 2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21] 2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0) 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 0 got signal for new job 2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa23d0580 2024-02-14 19:46:37 DEBUG worker 1 processing event 0xa23d0530 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: MODULE_RESUME (eventlog) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG RESUME: eventlog 2024-02-14 19:46:37 DEBUG module eventlog already running, skipping resume 2024-02-14 19:46:37 DEBUG worker 1 waiting for new event 2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa23d03f0 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG worker 2 got signal for new job 2024-02-14 19:46:37 DEBUG worker 2 got no event to process 2024-02-14 19:46:37 DEBUG worker 2 waiting for new event 2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 1 got signal for new job 2024-02-14 19:46:37 DEBUG worker 1 processing event 0xa23d0490 2024-02-14 19:46:37 DEBUG worker 0 waiting for new event 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp 2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out 2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp) 2024-02-14 19:46:37 DEBUG event added to jobqueue 2024-02-14 19:46:37 DEBUG worker 2 got signal for new job 2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d04e0 2024-02-14 19:46:37 DEBUG worker 1 waiting for new event 2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp) 2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp    

Hello! I need to process input syslog events via tls. But in the nxlog.log I have the following errors: 2020-02-18 16:19:01 INFO SSL connection accepted from XX.XX.XX.XX:52616 2020-02-18 16:19:01 ERROR SSL error, SSL_ERROR_SSL: retval 0, reason: sslv3 alert certificate unknown 2020-02-18 16:19:01 WARNING SSL connection closed from XX.XX.XX.XX:52616 When I try to DEBUG I've got the following events: 2020-02-18 16:27:54 DEBUG worker 0 got signal for new job 2020-02-18 16:27:54 DEBUG worker 0 got no event to process 2020-02-18 16:27:54 DEBUG worker 0 waiting for new event 2020-02-18 16:27:54 DEBUG no events or no future events, event thread sleeping in condwait 2020-02-18 16:27:54 DEBUG [in_syslog_tcp_ssl] no poll events, pollset_poll timed out 2020-02-18 16:27:54 DEBUG nx_event_to_jobqueue: POLL (in_syslog_tcp_ssl) 2020-02-18 16:27:54 DEBUG event added to jobqueue 2020-02-18 16:27:54 DEBUG worker 2 processing event 0x7f0d140008c0 2020-02-18 16:27:54 DEBUG PROCESS_EVENT: POLL (in_syslog_tcp_ssl) 2020-02-18 16:27:54 DEBUG nx_module_pollset_poll: in_syslog_tcp_ssl 2020-02-18 16:27:54 DEBUG worker 1 got signal for new job 2020-02-18 16:27:54 DEBUG worker 1 got no event to process 2020-02-18 16:27:54 DEBUG worker 1 waiting for new event 2020-02-18 16:27:54 DEBUG no events or no future events, event thread sleeping in condwait 2020-02-18 16:27:54 DEBUG [in_syslog_tcp_ssl] no poll events, pollset_poll timed out 2020-02-18 16:27:54 DEBUG nx_event_to_jobqueue: POLL (in_syslog_tcp_ssl) 2020-02-18 16:27:54 DEBUG event added to jobqueue 2020-02-18 16:27:54 DEBUG worker 2 processing event 0x7f0d14000910 2020-02-18 16:27:54 DEBUG PROCESS_EVENT: POLL (in_syslog_tcp_ssl) 2020-02-18 16:27:54 DEBUG nx_module_pollset_poll: in_syslog_tcp_ssl 2020-02-18 16:27:54 DEBUG worker 3 got signal for new job 2020-02-18 16:27:54 DEBUG worker 3 got no event to process 2020-02-18 16:27:54 DEBUG worker 3 waiting for new event 2020-02-18 16:27:54 DEBUG no events or no future events, event thread sleeping in condwait My input configuration: <Input in_syslog_tcp_ssl> Module im_ssl Host 0.0.0.0 Port 12514 CAFile /opt/nxlog/ssl/rootCA.pem AllowUntrusted TRUE RequireCert FALSE CertFile /opt/nxlog/ssl/server.crt CertKeyFile /opt/nxlog/ssl/server.key InputType Syslog_TLS KeyPass XXXXXXXXXX Exec parse_syslog(); </Input> I create certificates by this guide: https://nxlog.co/documentation/nxlog-user-guide/encrypted.html#openssl-certs I trying to use different variation with "AllowUntrusted", "RequireCert", but it's not working for me.

Greetings All,I'm attempting to collect logs from a Meditech server and having a bit of an issue getting the conf file working. Nxlog.log does not show an error but the conf is not writing to the output file.. Typical log that will need to be parsed looks something like this(There is inconsistent spacing in the log):[2024-06-020T04:03:52.593Z maintenance 3 10152 - - Info] Beginning maintenance cycle...And I'm attempting to parse and send it to a file with this:# # Configuration for converting and sending MediTech Logs # #Configure Root Moduledir %ROOT%\modules CacheDir %ROOT%\data Pidfile %ROOT%\data\nxlog.pid SpoolDir %ROOT%\data LogFile %ROOT%\data\nxlog.log #Load Modules <Extension json> Module xm_json </Extension> <Extension syslog> Module xm_syslog </Extension> <Input internal> Module im_internal </Input> ####################################################################### MediTech ####################################################################### Define the input source: MediTech logs <Input MEDITECH_IN> Module im_file File "C:\MediTech\s1.log" &lt;Exec&gt; if $raw_event =~ /(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\]\s+(.*)$/ { $raw_event = "Time: " + $EventTime + "," + "C1: " + $2 + "," + "C2: " + $3 + "," + "C3: " + $4 + "," + "C4: " + $5 + "," + "C5: " + $6 + "," + "C6: " + $7; } &lt;/Exec&gt; </Input> Define the output destination: forwarding to a central syslog server <Output MEDITECH_OUT> Module om_file File "C:\MediTech\s1_exec_out.txt" Exec $Message = $raw_event; </Output> <Route MEDITECH> Path MEDITECH_IN => MEDITECH_OUT </Route>Also, if I'm way off base with the parsing method please let me know.Any assistance would be appreciated.

I'm attempting to parse a Cerberus FTP log file. What I wind up with:{ "EventReceivedTime": "2024-08-01 16:11:37", "SourceModuleName": "cerberus_log", "SourceModuleType": "im_file", "message": "[\u00002\u00000\u00002\u00004\u0000-\u00000\u00008\u0000-\u00000\u00001\u0000 \u00001\u00006\u0000:\u00001\u00001\u0000:\u00003\u00006\u0000]\u0000:\u0000C\u0000O\u0000N\u0000N\u0000E\u0000C\u0000T\u0000 \u0000[\u00001\u00005\u00002\u00004\u00009\u00002\u0000]\u0000 \u0000-\u0000 \u0000C\u0000o\u0000n\u0000n\u0000e\u0000c\u0000t\u0000i\u0000o\u0000n\u0000 \u0000t\u0000e\u0000r\u0000m\u0000i\u0000n\u0000a\u0000t\u0000e\u0000d\u0000" }I've tried this, to no avail:<Input cerberus_log> Module im_file File "C:\ProgramData\Cerberus LLC\Cerberus FTP Server\log\server.1.log" <Exec> $message = convert($raw_event, "utf-8", "iso8859-2"); if $message =~ s/(.)\\u0000// $message = $1; to_json(); </Exec> </Input>How can I properly parse the log to remove the \u0000 characters before it goes out?

We have a distributed solution and a centralised solutionBoth send events to Splunk (I'm the Splunk Admin)100% of the distributed events have the host field present.About 50% of the centralised events have the host field missing and show :Hostname: ?Any idea why this would be? is this a misconfiguration on the centralised host somewhere?  or on the agentless side?Module:SourceModuleName: in_audit_pipe   SourceModuleType: im_pipeThanks.

I'm encountering some errors with a combination of JSON and UDP inputs/processing. After these errors start occurring, the nxlog process eventually gets killed by the system (or maybe crashes? I'm having a hard time determining that at this point.). It appears that nxlog receives some unexpected data via UDP, and then gets into some sort of loop about “map key name not found” until it eventually crashes. Based on the log below, I'm wondering if it has to do with fragmentation of the UDP packets, maybe receiving them out of order and not being reassembled properly before it gets to the point of being processed by the JSON transformer in NXlog?This particular instance is on a Rocky Linux 8 server, with nxlog-ce-3.2.2329. The general setup here is a local source sends JSON messages over UDP to nxlog via 127.0.0.1, and then nxlog handles the secure connection for sending the message to our Graylog server.Here's the applicable portion of the config. (Edit: I have no idea what's going on with the formatting of this code block; I've tried editing it several times, but I can't seem to get it to look normal. I'll just take it out of a code block and put some markers around it.)~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~<Output gelf>    Module om_ssl    Host <redacted: jinja2 var>    Port 12202    AllowUntrusted True    OutputType GELF_TCP    <Exec>        # These fields are needed for Graylog        $gl2_source_collector = '<redacted: jinja2 var>';        $collector_node_id = '<redacted: jinja2 var>';    </Exec>    <Schedule>        When <redacted: jinja2 var>        Exec reconnect();    </Schedule></Output><Input local_json_udp>    Module im_udp    Host 127.0.0.1    Port 12201    SockBufSize 150000000</Input><Processor local_json_udp_buffer>    Module pm_buffer    MaxSize 4096    Type Mem    WarnLimit 3072</Processor><Processor local_json_udp_transform>    Module pm_transformer    InputFormat JSON</Processor><Route upd_fwd>    Priority 1    Path local_json_udp => local_json_udp_buffer => local_json_udp_transform => gelf</Route>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~This is a relatively old config, so there are some things that have just been copied from previous versions as it's evolved, such as the 150M socket buffer on the UDP input, but only 4K on the internal buffer. Feel free to comment on changes to those, too.Here's the portion of the log from just before where the issue starts through the process crash, with sensitive data redacted. This is from the system journal. I don't believe the log file rotation ins part of the issue, but I included them for timing reference.Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:21:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:21:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:21:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:21:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:21:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:21:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:21:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:22:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:22:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:22:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:22:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:22:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning Jul 16 08:23:57 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:02 INFO input file '<redacted: partial file path 1>2024-07-16 08:23:57 ERROR failed to parse json string, parse error: premature EOF; {"short_message":"[backtrace] A; (right here) ------^; [{"short_message":"[backtrace] A query is being a memory hog","full_message":"\n\t\t\t\tSELECT <redacted: mysql fields>\n\t\t\t\tFROM <redacted: mysql table>\n\t\t\t\tLEFT JOIN <redacted: mysql join> \nLEFT JOIN <redacted: mysql join> \nLEFT JOIN <redacted: mysql join> \n\t\t\t\tWHERE d.id IN(8654)\n\t\t\t\t\n\t\t\t\t\n\t\t\t\tORDER BY d.title ASC\n\t\t\t\t\n\t\t\t","SourceModuleType":"app_generated_msg","SourceModuleName":"php_graylog","SourceName":"app_pro_memory_log","memory_usage":200308768,"query_instance":"c32d1cc9f5caa42fa04a63761a736e71","backtrace":"[\n {\n \"file\": \"<redacted: truncated json-escaped path> Jul 16 08:23:57 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:57 ERROR failed to parse json string, parse error: trailing garbage; 6182,\n 6186,\n ; (right here) ------^; [ 6182,\n 6186,\n 6187,\n 6188,\n 6189,\n 6190,\n 6191,\n 6192,\n 6193,\n 6194,\n 6195,\n 6196,\n 6197,\n 6198,\n 6199,\n 6200,\n 6201,\n 6203,\n 6204,\n 6205,\n 6206,\n 6207,\n 6208,\n 6209,\n 6210,\n 6211,\n 6212,\n 6213,\n 6214,\n 6215,\n 6216,\n Jul 16 08:23:57 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:57 ERROR map key name not found Jul 16 08:23:57 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:57 WARNING data in pm_buffer reached 3073 kbytes Jul 16 08:23:57 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:57 ERROR map key name not found Jul 16 08:23:57 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:57 WARNING pm_buffer is full (4100 kbytes)! Jul 16 08:23:57 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:57 ERROR map key name not found Jul 16 08:24:00 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:00 ERROR last message repeated 296744 times Jul 16 08:24:00 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:00 ERROR map key name not found Jul 16 08:24:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:02 ERROR map key name not found Jul 16 08:24:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:02 ERROR map key name not found Jul 16 08:24:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:02 ERROR map key name not found Jul 16 08:24:05 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:05 ERROR last message repeated 323811 times Jul 16 08:24:05 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:05 ERROR map key name not found Jul 16 08:24:08 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:08 ERROR last message repeated 304470 times Jul 16 08:24:08 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:08 ERROR map key name not found Jul 16 08:24:11 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:11 ERROR last message repeated 265201 times Jul 16 08:24:11 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:11 ERROR map key name not found Jul 16 08:24:14 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:14 ERROR last message repeated 254768 times Jul 16 08:24:14 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:14 ERROR map key name not found Jul 16 08:24:17 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:17 ERROR last message repeated 267045 times Jul 16 08:24:17 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:17 ERROR map key name not found Jul 16 08:24:20 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:20 ERROR last message repeated 333813 times Jul 16 08:24:20 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:20 ERROR map key name not found Jul 16 08:24:23 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:23 ERROR last message repeated 293331 times Jul 16 08:24:23 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:23 ERROR map key name not found Jul 16 08:24:26 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:26 ERROR last message repeated 274896 times Jul 16 08:24:26 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:26 ERROR map key name not found Jul 16 08:24:29 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:29 ERROR last message repeated 274099 times Jul 16 08:24:29 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:29 ERROR map key name not found Jul 16 08:24:32 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:32 ERROR last message repeated 215508 times Jul 16 08:24:32 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:32 ERROR map key name not found Jul 16 08:24:35 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:35 ERROR last message repeated 227820 times Jul 16 08:24:35 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:35 ERROR map key name not found Jul 16 08:24:38 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:38 ERROR last message repeated 215476 times Jul 16 08:24:38 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:38 ERROR map key name not found Jul 16 08:24:41 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:41 ERROR last message repeated 249382 times Jul 16 08:24:41 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:41 ERROR map key name not found Jul 16 08:24:44 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:44 ERROR last message repeated 262639 times Jul 16 08:24:44 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:44 ERROR map key name not found Jul 16 08:24:47 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:47 ERROR last message repeated 228055 times Jul 16 08:24:47 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:47 ERROR map key name not found Jul 16 08:24:50 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:50 ERROR last message repeated 244952 times Jul 16 08:24:50 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:50 ERROR map key name not found Jul 16 08:24:53 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:53 ERROR last message repeated 230802 times Jul 16 08:24:53 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:53 ERROR map key name not found Jul 16 08:24:56 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:56 ERROR last message repeated 270445 times Jul 16 08:24:56 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:56 ERROR map key name not found Jul 16 08:24:59 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:59 ERROR last message repeated 276170 times Jul 16 08:24:59 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:59 ERROR map key name not found Jul 16 08:25:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:02 ERROR map key name not found Jul 16 08:25:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:02 ERROR map key name not found Jul 16 08:25:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:02 ERROR map key name not found Jul 16 08:25:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:02 ERROR map key name not found Jul 16 08:25:05 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:05 ERROR last message repeated 218827 times Jul 16 08:25:05 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:05 ERROR map key name not found Jul 16 08:25:08 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:08 ERROR last message repeated 241344 times Jul 16 08:25:08 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:08 ERROR map key name not found Jul 16 08:25:11 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:11 ERROR last message repeated 239566 times Jul 16 08:25:11 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:11 ERROR map key name not found Jul 16 08:25:14 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:14 ERROR last message repeated 216182 times Jul 16 08:25:14 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:14 ERROR map key name not found Jul 16 08:25:17 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:17 ERROR last message repeated 219382 times Jul 16 08:25:17 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:17 ERROR map key name not found Jul 16 08:25:20 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:20 ERROR last message repeated 210542 times Jul 16 08:25:20 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:20 ERROR map key name not found Jul 16 08:25:23 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:23 ERROR last message repeated 219382 times Jul 16 08:25:23 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:23 ERROR map key name not found Jul 16 08:25:26 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:26 ERROR last message repeated 215193 times Jul 16 08:25:26 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:26 ERROR map key name not found Jul 16 08:25:29 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:29 ERROR last message repeated 218181 times Jul 16 08:25:29 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:29 ERROR map key name not found Jul 16 08:25:32 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:32 ERROR last message repeated 218710 times Jul 16 08:25:32 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:32 ERROR map key name not found Jul 16 08:25:35 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:35 ERROR last message repeated 218381 times Jul 16 08:25:35 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:35 ERROR map key name not found Jul 16 08:25:38 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:38 ERROR last message repeated 279278 times Jul 16 08:25:38 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:38 ERROR map key name not found Jul 16 08:25:41 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:41 ERROR last message repeated 254365 times Jul 16 08:25:41 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:41 ERROR map key name not found Jul 16 08:25:44 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:44 ERROR last message repeated 246005 times Jul 16 08:25:44 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:44 ERROR map key name not found Jul 16 08:25:47 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:47 ERROR last message repeated 232794 times Jul 16 08:25:47 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:47 ERROR map key name not found Jul 16 08:25:50 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:50 ERROR last message repeated 256292 times Jul 16 08:25:50 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:50 ERROR map key name not found Jul 16 08:25:53 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:53 ERROR last message repeated 210924 times Jul 16 08:25:53 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:53 ERROR map key name not found Jul 16 08:25:56 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:56 ERROR last message repeated 210623 times Jul 16 08:25:56 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:56 ERROR map key name not found Jul 16 08:25:59 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:59 ERROR last message repeated 248391 times Jul 16 08:25:59 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:59 ERROR map key name not found Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:26:02 ERROR last message repeated 195119 times Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:26:02 ERROR map key name not found Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:26:02 ERROR map key name not found Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:26:02 ERROR map key name not found Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: <redacted: partial file path 2>' was truncated, restarting from the beginning Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:57 ERROR last message repeated 4494 times Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:57 ERROR last message repeated 821 times Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:02 ERROR last message repeated 195472 times Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:02 ERROR last message repeated 35 times ... Jul 16 08:27:26 <redacted: hostname> nxlog[846115]: 2024-07-16 08:27:26 ERROR last message repeated 205422 times Jul 16 08:27:26 <redacted: hostname> nxlog[846115]: 2024-07-16 08:27:26 ERROR map key name not found Jul 16 08:27:29 <redacted: hostname> nxlog[846115]: 2024-07-16 08:27:29 ERROR last message repeated 214852 times Jul 16 08:27:29 <redacted: hostname> nxlog[846115]: 2024-07-16 08:27:29 ERROR map key name not found Jul 16 08:27:32 <redacted: hostname> nxlog[846115]: 2024-07-16 08:27:32 ERROR last message repeated 104496 times Jul 16 08:27:32 <redacted: hostname> nxlog[846115]: 2024-07-16 08:27:32 ERROR map key name not found Jul 16 08:27:36 <redacted: hostname> systemd[1]: nxlog.service: Main process exited, code=killed, status=9/KILL Jul 16 08:27:36 <redacted: hostname> systemd[1]: nxlog.service: Failed with result 'signal'. -- Subject: Unit failed -- Defined-By: systemd -- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel -- -- The unit nxlog.service has entered the 'failed' state with result 'signal'.The log mostly consisted of the the log file rotation messages previous to this portion of it, with the occasional notification of the reconnect. The <redacted: partial file path 2> is the second half of the previous <redacted: partial file path 1>, so everything between them got inserted in the middle of that message being written to the log.The input JSON looks very GELF-esqe, but modified since NXLog CE doesn't support a GELF input. The exact message varies per error instance, but it does seem to be a consistently larger message (I've determined this by finding the origination point of the message from within the code of the local source), hence my suspicion of the underlying source being a limitation in the network stack.Any guidance on what's going on would be great. The “map key name not found” error is pretty vague, and I can't find much about it online or in this forum, but I also think that it's just a side effect to the issues that appear to happen before it.

Hello, i am trying free alternatives for our old syslog software. Before investing a lot of time can you tell me if it is possible to realize the following syslog configuration?If someone has a similar syslog cofiguration and can post an example config or give me some advice that would be really nice.environment:Windows Server 2022NxLog CE 3.2.2329syslog source:cisco asaconfiguration:filename = [source/host IP]_YYYYMMDD_[idx].txt (idx = 001..\d\d\d)automatic file rotation (max file index 250) when event time has another date than the last log file (day change) -> index starts at 001 againorfile gets bigger than 64Mafter rotation moving file to (another) date folder "YYYYMMDD" (or compressing into an date archive file)remarks:the file rotation / size splitting does not have to happen immediatelythe moving/compressing after creating new log file(s) does not have to happen immediately

Hi,We encounter below error during the installation where directory /opt/nxlog was not created and agent not running.

Hi,I am using this code snipping<Input EventLOG>Module im_msvistalogExec if ($TargetUserName == 'SYSTEM') OR ($EventType == 'VERBOSE') drop();</Input>This is working fine with my nx-Client at Windows 11. It push notification at my debian server with installed rsyslog server.But I want to have some specific ID´s from Windows Eventlog.( e.g. 5013, 10016, 4616, 6869)Can anybody point me to the right way? Thanks in Advance for every help. Heinz  

Hello,We are setting up log collection from Azure Log Analytics workspace but the connection is not possible without B2B proxy. I see that Proxy setup is possible only with om_azure module. We need to read and collect the logs from the Azure environment and not to send it there. What should we do to make it happen? Without proxy the connection is not possible and we can't use nxlog for our new service. Is there any other module which could set the proxy by default etc. ? Thank you,Martin W.

We currently have a central logging server for our Windows Servers collecting and forwarding with NXLog to AlienVault.  We have a working config file currently that I would like to modify to be able to send two of the Windows Event ID's that are being collected to our NDR (Vectra).  What is the best route to be able to configure multiple sources and/or outputs? Currently we have two working configs, one for Vectra and one for AlienVault, but I'd like to “combine” them in a way that allows us to be able to send relevant data to their needed sources.AlienVault uses a patterndb.xml file for what events it wants to collect, Vectra just needs two specific event ID's that it calls out in the log file with the below line. It then outputs to an IP.  This seems like it should be pretty straight forward but I'd like to have it sort of configured/figured out before I bring down my AlienVault feed.We are also currently using the Nxlog community edition if that matters.<Input eventlog>   Module im_msvistalog<QueryXML> <QueryList>  <Query Id="0" Path="ForwardedEvents">  <Select Path="ForwardedEvents">*[System[(EventID=4768 or EventID=4769)]]</Select> </Query></QueryList></QueryXML></Input>

Hi, I am trying to use an ssl connection between client and server in "server-side authentication only" mode. I placed the certificates in the respective /conf folder of nxlog server. these are the current configurations: >>> CLIENT <<< <Output to_syslog_server> Module om_ssl Host 10.1.1.1 Port 516 Exec $Message = to_leef(); to_syslog_ietf(); </Output> >>> SERVER <<< <Input in_syslog_ssl> Module im_ssl Host 0.0.0.0 Port 516 CAFile %CERTDIR%/rootCA.pem CertFile %CERTDIR%/central.crt CertKeyFile %CERTDIR%/central.key KeyPass password FlowControl TRUE AllowUntrusted TRUE <Exec> if $raw_event =~ /LEEF/ parse_leef(); else parse_syslog(); </Exec> </Input> but it makes me this Error: 2019-09-06 17:43:26 ERROR remote ssl socket was reset? (SSL_ERROR_SSL with errno=9); End of file found Do you have any ideas to solve this? Thank you Antonio