Ask questions. Get answers. Find technical product solutions from passionate experts in the NXLog community.
Read a log with yesterdays date in the filename
James created
I'm successfully using this config format with im_file to read logs with todays date in the filename:'\\server.domain\Logs\IN' + strftime(now(), "%y%m%d") + '.log'One of our services writes its log for the previous day at 3am on the next day. The filename has yesterdays date. What's the easiest/neatest/most efficient way of reading this log please?
James created
im_tcp with InputType LineBased occasional truncated lines
sgcaveney created
Hi folks,We have an NXLog CE 3.2.2329 configuration using im_tcp with InputType LineBased, receiving blobs of JSON separated by newlines. The received data is passed to xm_perl and then relayed to an output.Under some conditions where there may be thousands of events per second, there is a very rare chance for one event to be truncated at the end yielding an incomplete json blob. We've verified that the input data coming from upstream is valid, fully formed JSON - the emitter encoding logs look OK. The preceeding and following lines are also received and parsed successfully. Has anybody else experienced similar behavior? At this point we suspect a bug in NXLog, considering that it occurs very infrequently (2-3 days between recurrences) and it only occurs during periods of relatively high load (normal load is ~150 events per second, load when issue occurs is ~800/s+)Relevant configuration: <Extension gelf>Module xm_gelf</Extension><Extension perl>Module xm_perlPerlCode /etc/nxlog/scripts/parse_mist.pl</Extension><Input mist_tcp>Module im_tcpHost 0.0.0.0Port 32768InputType LineBased<Exec>perl_call("parse_mist");if $nxlog_internal_drop_log drop();</Exec></Input><Output graylog>Module om_udpHost xPort 12201OutputType GELF</Output><Route graylog>Path mist_tcp => graylog</Route>
sgcaveney created
NXLog Platform Installation on Ubuntu 22.04.4 LTS
jash@techowl.in created
I've successfully installed the NXLog platform on Ubuntu 22.04.4 LTS, but I'm facing an issue with port 443 not being accessible. I’ve allowed port 443 through the firewall, but I still can't access the web console. I’ve checked the service status, and everything seems fine. Is there any configuration or additional steps I might have missed to get port 443 up and running?Any help would be appreciated. Thanks in advance!@Ayodele@2Emeka Nwankwo
jash@techowl.in created
NXLog CE misbehavior (may be bug or multithread issue) - variables lost or corrupt between stages.
tubecleaner created
I have setup with RHEL 7.9 (kernel 3.10.0-1160.108.1.el7.x86_64) / NXLog CE 3.2.2329 / Postgresql 15 vanilla / libdbi 8.4 with configuration:User nxlog
Group nxlog
include /etc/nxlog/nxlog.d/*.conf
LogFile /var/log/nxlog/nxlog.log
LogLevel DEBUG
<Extension charconv>
Module xm_charconv
</Extension>
<Input sqlite3_dbi>
Module im_dbi
SQL SELECT * FROM vw_tp_message
Driver sqlite3
Option dbname term_refdata.db
Option sqlite3_dbdir /app/data/monitoring
Option sqlite3_timeout 1000
PollInterval 5
SavePos TRUE
</Input>
<Output postgres_dbi>
Module om_dbi
SQL INSERT INTO msglog.msglog (facility, severity, hostname, timestamp, application, message)
VALUES ($SyslogFacility, $SyslogSeverity, $Hostname, '$EventTime', $SourceName, $Message)
Driver pgsql
Option host /var/run/postgresql
Option username srv_nxlog
Option dbname MSGLog
Exec $Message = convert($Message, "windows-1251", "utf-8");
</Output>
<Route sqlite_postgres>
Path sqlite3_dbi => postgres_dbi
</Route>There are only 2 records in sqlite database:$ sqlite3 -header /app/data/monitoring/term_refdata.db 'select * from vw_tp_message'
id|SyslogFacility|SyslogSeverity|Hostname|EventTime|SourceName|Message
1293441|USER|INFO|SERVER1-D1-CL|2024-09-12 00:18:22.540|tp_msg|Some text in Windows1251 encoding
1293442|USER|INFO|SERVER1-D1-CL|2024-09-12 00:41:04.677|tp_msg|Another text in Windows1251 encodingAnd this is what I get in nxlog.log:...
2024-09-12 16:54:59 DEBUG logdata missing or undef 'EventTime', setting to NULL
2024-09-12 16:54:59 DEBUG om_dbi SQL: INSERT INTO msglog.msglog (facility, severity, hostname, timestamp, application, message) VALUES ('USER', 'INFO', 'SERVER1-D1-CL', 'NULL', 'tp_msg', 'Some text in Windows1251 encoding')
2024-09-12 16:54:59 ERROR [om_dbi.c:256/om_dbi_write()] -;[om_dbi.c:85/om_dbi_error()] om_dbi failed to execute SQL statement "INSERT INTO msglog.msglog (facility, severity, hostname, timestamp, application, message) VALUES ('USER', 'INFO', 'SERVER1-D1-CL', 'NULL', 'tp_msg', 'Some text in Windows1251 encoding')". ERROR: invalid input syntax for type timestamp: "NULL";LINE 1: ... VALUES ('USER', 'INFO', 'SERVER1-D1-CL', 'NULL', 't...; ^;[errorcode: 0]
...
2024-09-12 16:54:59 DEBUG logdata missing or undef 'EventTime', setting to NULL
2024-09-12 16:54:59 DEBUG om_dbi SQL: INSERT INTO msglog.msglog (facility, severity, hostname, timestamp, application, message) VALUES ('USER', 'INFO', 'SERVER1-D1-CL', 'NULL', 'tp_msg', 'Р?нициализация СЏРґСЂР° после перезапуска')
2024-09-12 16:54:59 ERROR [om_dbi.c:256/om_dbi_write()] -;[om_dbi.c:85/om_dbi_error()] om_dbi failed to execute SQL statement "INSERT INTO msglog.msglog (facility, severity, hostname, timestamp, application, message) VALUES ('USER', 'INFO', 'SERVER1-D1-CL', 'NULL', 'tp_msg', 'Р?нициализация СЏРґСЂР° после перезапуска')". ERROR: invalid input syntax for type timestamp: "NULL";LINE 1: ... VALUES ('USER', 'INFO', 'ABACUS-D1-CL', 'NULL', 't...; ^;[errorcode: 0]
...
2024-09-12 16:54:59 ERROR [expr.c:189/nx_expr_statement_execute()] assignment failed at line 61, character 70 in /etc/nxlog/nxlog.conf. statement execution has been aborted;[expr.c:90/nx_expr_statement_assignment_execute()] -;[expr.c:509/nx_expr_evaluate()] function 'convert' failed at line 61, character 69 in /etc/nxlog/nxlog.conf. expression evaluation has been aborted;[expr.c:279/nx_expr_eval_func()] -;[xm_charconv_funcproc_cb.c:283/nx_expr_func__convert()] -;[str.c:106/_nx_string_new_size()] oversized string (1688710), limit is 1048576 bytes
2024-09-12 16:54:59 DEBUG logdata missing or undef 'EventTime', setting to NULL
2024-09-12 16:54:59 DEBUG om_dbi SQL: INSERT INTO msglog.msglog (facility, severity, hostname, timestamp, application, message) VALUES ('USER', 'INFO', 'SERVER1-D1-CL', 'NULL', 'tp_msg', 'Р В Р’В РВ<C2>
2024-09-12 16:54:59 ERROR [om_dbi.c:256/om_dbi_write()] -;[om_dbi.c:85/om_dbi_error()] om_dbi failed to execute SQL statement "INSERT INTO msglog.msglog (facility, severity, hostname, timestamp, application, message) VALUES ('USER', 'INFO', 'SERVER1-D1-CL', 'NULL', 'tp_msg', 'Р В Р’ВРР<E2><80>
...As you can see, logdata variable $EventTime just disappear and $Message get corrupted after some retries (note: om_dbi retries crazy fast - about 50000 time every few seconds). If I change om_dbi to simple om_file then all works fine. Another note: this configuration worked fine some time since initial setup, but now error appear every time (maybe postgresql query time affects it?)
tubecleaner created
Receiving Windows DHCP logs are missing
Chung Wang created
Please give me some advice. When I used nxlog to receive DHCP server logs, I found that the logs were missing and the nxlog logs showed error messages. INFO inode changed for 'E:\DHCP\DhcpSrvLog-Fri.log' (56→56): reopening possibly rotated file
Chung Wang created
Is it possible to "reset the baseline" for the File Integrity module?
elazur@ecampus.com created
We currently have NXLog running on Windows 2019 with the file integrity module that monitors files in sub directories under a main directly. I.E. Say we have about 20 subdirectories for files under a directory called c:\code. If any file is changed/deleted/added under that directory, an alert message is sent out via the OM_UDP module to our siem. The problem I am looking to resolve, is that I will be copying over about 10 new directories with hundreds of files in each directory, and I don't want NXLog to generate hundreds of alerts because it found new files and directories. Is there a way to “reset” or “refresh” the baseline after the new files/folders are copied over so it will know those files should be there?
elazur@ecampus.com created
Unable to download Community addition
damiany@terrane.net created
I havent been able to download the files for any of the community edition agents. https://nxlog.co/downloads/nxlog-ce#nxlog-community-edition , select the OS version and click Download. 5 sec later I get a pop up stating “Undefined”. I have tried on different Browsers, platforms, and workstations and there is no change in the behavior.
damiany@terrane.net created
NXLog Manager 5.7.5
billychua created
Hi,Could you please advise on how to replace the NXLog-Manager's self-signed certificate for the HTTPS console?The steps in the following article do not apply to version 5.7.5:https://docs.nxlog.co/manager/current/installation/https.htmlPlease help. Thanks.Regards, Billy
billychua created
Nxlog Manager integrate with LDAPS
billychua created
I'm trying to integrate with LDAPS and do have some issue. I'm using the below document and below is the command to import LDAPS certificate into the cacerts keystore. keytool -keystore <PATH_TO_JRE>/lib/security/cacerts -import -alias \ certificate -file <PATH_TO_CERTIFICATE>/certificate.cerWhen i try to import the certificate and they are asking for the keystore password. I assume this keystore was created during installation not sure what is the password.Need to check whether anyone know what is the keystore password?https://docs.nxlog.co/manager/current/users/index.html
billychua created
jQuery vulnerability in nxlog-manager-5.5.5398
sgiliyal created
Greetings!
I have a vulnerability in jQuery to be addressed in the nxlog manager v5 (5.5.5398).
This is related to XSS vulnerabilities from the version of jQuery installed (1.8.3, 1.9.2 ui) .
Will upgrading Manager to 5.6.5633 resolve the issue and update jQuery to 3.5.0+ ?
If not, please can you provide steps to update jQuery manually?
Thanks!
Shyam (on behalf of Shashidhar Ghiliyal)
sgiliyal created
APPCRASH on Windows in Module im_msvistalog - Logs and Config added
reesthil created
Hi,sorry, just added config an logs….We have some installations of NXLOG in Version 3.2.2339. This works fine, but every 5 to 10 minutes we find exactly 50 events showing a crash of nxlog.exe in module im_msvistalog.Problem signature: P1: nxlog.exe P2: 0.0.0.0 P3: 643951bd P4: im_msvistalog.dll P5: 0.0.0.0 P6: 643951bd P7: c0000005 P8: 00000000000045b2 P9: P10: Any suggestions how to fix that?Thanks & Best regards, Thilo nxlog.cfg:define ROOT C:\Program Files\nxlog
define CERTDIR %ROOT%\cert
define CONFDIR %ROOT%\conf
define LOGDIR %ROOT%\data
define LOGFILE %LOGDIR%\nxlog.log
LogFile %LOGFILE%
Moduledir %ROOT%\modules
CacheDir %ROOT%\data
Pidfile %ROOT%\data\nxlog.pid
SpoolDir %ROOT%\data
<Extension gelf>
Module xm_gelf
</Extension>
<Input eventlog>
Module im_msvistalog
Query <QueryList>
<Query Id="0">
<Select Path="Application"></Select>
<Select Path="System"></Select>
<Select Path="Security"></Select>
<Select Path="Microsoft-Windows-Windows Defender/Operational"></Select>
</Query>
</QueryList>
</Input>
<Output tcp>
Module om_tcp
Host graylog.xxxx.yyyy
Port 12202
OutputType GELF_TCP
Exec $Hostname = 'hostXYZ.xxxx.yyyy';
</Output>
<Route eventlog_to_udp>
Path eventlog => tcp
</Route>Crash-Event:Debug-Log atTime of Event (19:46:37)2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 1 processing event 0xa201b610
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG worker 0 got no event to process
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa201b840
2024-02-14 19:46:37 DEBUG worker 1 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d49f0
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 got no event to process
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 1 got signal for new job
2024-02-14 19:46:37 DEBUG worker 1 processing event 0xa23d48b0
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b5c0
2024-02-14 19:46:37 DEBUG worker 1 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa201b7a0
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 1 got signal for new job
2024-02-14 19:46:37 DEBUG worker 1 processing event 0xa23d47c0
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 1 processing event 0xa201b5c0
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 got no event to process
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa201b890
2024-02-14 19:46:37 DEBUG worker 1 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa23d49a0
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 1 got signal for new job
2024-02-14 19:46:37 DEBUG worker 1 processing event 0xa23d47c0
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 1 waiting for new event
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa201b5c0
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa23d4a40
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG new event in event_thread [eventlog:READ]
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: READ (eventlog)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG no events or no future events, event thread sleeping in condwait
2024-02-14 19:46:37 DEBUG worker 1 got signal for new job
2024-02-14 19:46:37 DEBUG worker 1 processing event 0xa201b570
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: READ (eventlog)
2024-02-14 19:46:37 DEBUG im_msvistalog checking for new events...
2024-02-14 19:46:37 DEBUG im_msvistalog read 21 events
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 got no event to process
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG [tcp] apr_pollset_poll was interrupted
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d4a90
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 got no event to process
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 1292 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa201b840
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b7a0
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 got no event to process
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 1449 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b7f0
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d4770
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 got no event to process
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 1292 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d4900
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b7a0
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 got no event to process
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 1292 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 1292 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b5c0
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d4810
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 got no event to process
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 1
2024-02-14 19:46:37 DEBUG om_tcp sent 1292 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 2
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 1292 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d4860
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b610
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG worker 2 got no event to process
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 1292 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b660
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d4950
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa201b610
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 got no event to process
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG [tcp] apr_pollset_poll was interrupted
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b5c0
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 got no event to process
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 1292 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa23d47c0
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d4900
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 got no event to process
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 1479 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 1292 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d4810
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b700
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 1883 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b840
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d49f0
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG worker 0 got no event to process
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 1843 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d47c0
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b7a0
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 got no event to process
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 2011 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa23d4770
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa201b5c0
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG worker 0 got no event to process
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 2019 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa201b660
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa23d4900
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 1769 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b890
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d4a90
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG worker 0 got no event to process
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 1800 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d48b0
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b5c0
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa23d4a40
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 got no event to process
2024-02-14 19:46:37 DEBUG [tcp] apr_pollset_poll was interrupted
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d49a0
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 got no event to process
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 1
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG om_tcp sent 8161 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 2
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 1843 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa201b610
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa23d4950
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 got no event to process
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 2025 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa23d47c0
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa201b840
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa201b610
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 got no event to process
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG [tcp] apr_pollset_poll was interrupted
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 1 processing event 0xa23d03f0
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b750
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG RESUME: eventlog
2024-02-14 19:46:37 DEBUG new event in event_thread [eventlog:READ]
2024-02-14 19:46:37 DEBUG module eventlog already running, skipping resume
2024-02-14 19:46:37 DEBUG future event, event thread sleeping 1000000ms in cond_timedwait
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 got no event to process
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d0580
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG worker 0 got no event to process
2024-02-14 19:46:37 DEBUG RESUME: eventlog
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG module eventlog already running, skipping resume
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG om_tcp sent 1985 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa23d04e0
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG RESUME: eventlog
2024-02-14 19:46:37 DEBUG module eventlog already running, skipping resume
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG worker 1 processing event 0xa201b7f0
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 got no event to process
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG worker 1 processing event 0xa23d0490
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa23d0580
2024-02-14 19:46:37 DEBUG worker 1 processing event 0xa23d0530
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG RESUME: eventlog
2024-02-14 19:46:37 DEBUG module eventlog already running, skipping resume
2024-02-14 19:46:37 DEBUG worker 1 waiting for new event
2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa23d03f0
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 got no event to process
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 1 got signal for new job
2024-02-14 19:46:37 DEBUG worker 1 processing event 0xa23d0490
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d04e0
2024-02-14 19:46:37 DEBUG worker 1 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
reesthil created
INPUT SSL ERROR
Stanislav created
Hello!
I need to process input syslog events via tls.
But in the nxlog.log I have the following errors:
2020-02-18 16:19:01 INFO SSL connection accepted from XX.XX.XX.XX:52616
2020-02-18 16:19:01 ERROR SSL error, SSL_ERROR_SSL: retval 0, reason: sslv3 alert certificate unknown
2020-02-18 16:19:01 WARNING SSL connection closed from XX.XX.XX.XX:52616
When I try to DEBUG I've got the following events:
2020-02-18 16:27:54 DEBUG worker 0 got signal for new job
2020-02-18 16:27:54 DEBUG worker 0 got no event to process
2020-02-18 16:27:54 DEBUG worker 0 waiting for new event
2020-02-18 16:27:54 DEBUG no events or no future events, event thread sleeping in condwait
2020-02-18 16:27:54 DEBUG [in_syslog_tcp_ssl] no poll events, pollset_poll timed out
2020-02-18 16:27:54 DEBUG nx_event_to_jobqueue: POLL (in_syslog_tcp_ssl)
2020-02-18 16:27:54 DEBUG event added to jobqueue
2020-02-18 16:27:54 DEBUG worker 2 processing event 0x7f0d140008c0
2020-02-18 16:27:54 DEBUG PROCESS_EVENT: POLL (in_syslog_tcp_ssl)
2020-02-18 16:27:54 DEBUG nx_module_pollset_poll: in_syslog_tcp_ssl
2020-02-18 16:27:54 DEBUG worker 1 got signal for new job
2020-02-18 16:27:54 DEBUG worker 1 got no event to process
2020-02-18 16:27:54 DEBUG worker 1 waiting for new event
2020-02-18 16:27:54 DEBUG no events or no future events, event thread sleeping in condwait
2020-02-18 16:27:54 DEBUG [in_syslog_tcp_ssl] no poll events, pollset_poll timed out
2020-02-18 16:27:54 DEBUG nx_event_to_jobqueue: POLL (in_syslog_tcp_ssl)
2020-02-18 16:27:54 DEBUG event added to jobqueue
2020-02-18 16:27:54 DEBUG worker 2 processing event 0x7f0d14000910
2020-02-18 16:27:54 DEBUG PROCESS_EVENT: POLL (in_syslog_tcp_ssl)
2020-02-18 16:27:54 DEBUG nx_module_pollset_poll: in_syslog_tcp_ssl
2020-02-18 16:27:54 DEBUG worker 3 got signal for new job
2020-02-18 16:27:54 DEBUG worker 3 got no event to process
2020-02-18 16:27:54 DEBUG worker 3 waiting for new event
2020-02-18 16:27:54 DEBUG no events or no future events, event thread sleeping in condwait
My input configuration:
<Input in_syslog_tcp_ssl>
Module im_ssl
Host 0.0.0.0
Port 12514
CAFile /opt/nxlog/ssl/rootCA.pem
AllowUntrusted TRUE
RequireCert FALSE
CertFile /opt/nxlog/ssl/server.crt
CertKeyFile /opt/nxlog/ssl/server.key
InputType Syslog_TLS
KeyPass XXXXXXXXXX
Exec parse_syslog();
</Input>
I create certificates by this guide: https://nxlog.co/documentation/nxlog-user-guide/encrypted.html#openssl-certs
I trying to use different variation with "AllowUntrusted", "RequireCert", but it's not working for me.
Stanislav created
Collecting Meditech logs
farrisk01 created
Greetings All,I'm attempting to collect logs from a Meditech server and having a bit of an issue getting the conf file working. Nxlog.log does not show an error but the conf is not writing to the output file.. Typical log that will need to be parsed looks something like this(There is inconsistent spacing in the log):[2024-06-020T04:03:52.593Z maintenance 3 10152 - - Info] Beginning maintenance cycle...And I'm attempting to parse and send it to a file with this:#
# Configuration for converting and sending MediTech Logs
#
#Configure Root
Moduledir %ROOT%\modules
CacheDir %ROOT%\data
Pidfile %ROOT%\data\nxlog.pid
SpoolDir %ROOT%\data
LogFile %ROOT%\data\nxlog.log
#Load Modules
<Extension json>
Module xm_json
</Extension>
<Extension syslog>
Module xm_syslog
</Extension>
<Input internal>
Module im_internal
</Input>
#######################################################################
MediTech
#######################################################################
Define the input source: MediTech logs
<Input MEDITECH_IN>
Module im_file
File "C:\MediTech\s1.log"
<Exec>
if $raw_event =~ /(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\s+(\S+)\]\s+(.*)$/
{
$raw_event = "Time: " + $EventTime + "," + "C1: " + $2 + "," + "C2: " + $3 + "," + "C3: " + $4 + "," + "C4: " + $5 + "," + "C5: " + $6 + "," + "C6: " + $7;
}
</Exec>
</Input>
Define the output destination: forwarding to a central syslog server
<Output MEDITECH_OUT>
Module om_file
File "C:\MediTech\s1_exec_out.txt"
Exec $Message = $raw_event;
</Output>
<Route MEDITECH>
Path MEDITECH_IN => MEDITECH_OUT
</Route>Also, if I'm way off base with the parsing method please let me know.Any assistance would be appreciated.
farrisk01 created
Parse log with unicode characters hanging out
cschelin created
I'm attempting to parse a Cerberus FTP log file. What I wind up with:{
"EventReceivedTime": "2024-08-01 16:11:37",
"SourceModuleName": "cerberus_log",
"SourceModuleType": "im_file",
"message": "[\u00002\u00000\u00002\u00004\u0000-\u00000\u00008\u0000-\u00000\u00001\u0000 \u00001\u00006\u0000:\u00001\u00001\u0000:\u00003\u00006\u0000]\u0000:\u0000C\u0000O\u0000N\u0000N\u0000E\u0000C\u0000T\u0000 \u0000[\u00001\u00005\u00002\u00004\u00009\u00002\u0000]\u0000 \u0000-\u0000 \u0000C\u0000o\u0000n\u0000n\u0000e\u0000c\u0000t\u0000i\u0000o\u0000n\u0000 \u0000t\u0000e\u0000r\u0000m\u0000i\u0000n\u0000a\u0000t\u0000e\u0000d\u0000"
}I've tried this, to no avail:<Input cerberus_log>
Module im_file
File "C:\ProgramData\Cerberus LLC\Cerberus FTP Server\log\server.1.log"
<Exec>
$message = convert($raw_event, "utf-8", "iso8859-2"); if $message =~ s/(.)\\u0000// $message = $1;
to_json();
</Exec>
</Input>How can I properly parse the log to remove the \u0000 characters before it goes out?
cschelin created
Logs from centralised solution does not pass host field in some instances
esky created
We have a distributed solution and a centralised solutionBoth send events to Splunk (I'm the Splunk Admin)100% of the distributed events have the host field present.About 50% of the centralised events have the host field missing and show :Hostname: ?Any idea why this would be? is this a misconfiguration on the centralised host somewhere? or on the agentless side?Module:SourceModuleName: in_audit_pipe SourceModuleType: im_pipeThanks.
esky created
UDP JSON parsing issues: premature EOF, trailing garbage
Caleb Hornbeck created
I'm encountering some errors with a combination of JSON and UDP inputs/processing. After these errors start occurring, the nxlog process eventually gets killed by the system (or maybe crashes? I'm having a hard time determining that at this point.). It appears that nxlog receives some unexpected data via UDP, and then gets into some sort of loop about “map key name not found” until it eventually crashes. Based on the log below, I'm wondering if it has to do with fragmentation of the UDP packets, maybe receiving them out of order and not being reassembled properly before it gets to the point of being processed by the JSON transformer in NXlog?This particular instance is on a Rocky Linux 8 server, with nxlog-ce-3.2.2329. The general setup here is a local source sends JSON messages over UDP to nxlog via 127.0.0.1, and then nxlog handles the secure connection for sending the message to our Graylog server.Here's the applicable portion of the config. (Edit: I have no idea what's going on with the formatting of this code block; I've tried editing it several times, but I can't seem to get it to look normal. I'll just take it out of a code block and put some markers around it.)~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~<Output gelf> Module om_ssl Host <redacted: jinja2 var> Port 12202 AllowUntrusted True OutputType GELF_TCP <Exec> # These fields are needed for Graylog $gl2_source_collector = '<redacted: jinja2 var>'; $collector_node_id = '<redacted: jinja2 var>'; </Exec> <Schedule> When <redacted: jinja2 var> Exec reconnect(); </Schedule></Output><Input local_json_udp> Module im_udp Host 127.0.0.1 Port 12201 SockBufSize 150000000</Input><Processor local_json_udp_buffer> Module pm_buffer MaxSize 4096 Type Mem WarnLimit 3072</Processor><Processor local_json_udp_transform> Module pm_transformer InputFormat JSON</Processor><Route upd_fwd> Priority 1 Path local_json_udp => local_json_udp_buffer => local_json_udp_transform => gelf</Route>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~This is a relatively old config, so there are some things that have just been copied from previous versions as it's evolved, such as the 150M socket buffer on the UDP input, but only 4K on the internal buffer. Feel free to comment on changes to those, too.Here's the portion of the log from just before where the issue starts through the process crash, with sensitive data redacted. This is from the system journal. I don't believe the log file rotation ins part of the issue, but I included them for timing reference.Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:21:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:21:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:21:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:21:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:21:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:21:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:21:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:22:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:22:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:22:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:22:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:22:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:23:57 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:02 INFO input file '<redacted: partial file path 1>2024-07-16 08:23:57 ERROR failed to parse json string, parse error: premature EOF; {"short_message":"[backtrace] A; (right here) ------^; [{"short_message":"[backtrace] A query is being a memory hog","full_message":"\n\t\t\t\tSELECT <redacted: mysql fields>\n\t\t\t\tFROM <redacted: mysql table>\n\t\t\t\tLEFT JOIN <redacted: mysql join> \nLEFT JOIN <redacted: mysql join> \nLEFT JOIN <redacted: mysql join> \n\t\t\t\tWHERE d.id IN(8654)\n\t\t\t\t\n\t\t\t\t\n\t\t\t\tORDER BY d.title ASC\n\t\t\t\t\n\t\t\t","SourceModuleType":"app_generated_msg","SourceModuleName":"php_graylog","SourceName":"app_pro_memory_log","memory_usage":200308768,"query_instance":"c32d1cc9f5caa42fa04a63761a736e71","backtrace":"[\n {\n \"file\": \"<redacted: truncated json-escaped path>
Jul 16 08:23:57 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:57 ERROR failed to parse json string, parse error: trailing garbage; 6182,\n 6186,\n ; (right here) ------^; [ 6182,\n 6186,\n 6187,\n 6188,\n 6189,\n 6190,\n 6191,\n 6192,\n 6193,\n 6194,\n 6195,\n 6196,\n 6197,\n 6198,\n 6199,\n 6200,\n 6201,\n 6203,\n 6204,\n 6205,\n 6206,\n 6207,\n 6208,\n 6209,\n 6210,\n 6211,\n 6212,\n 6213,\n 6214,\n 6215,\n 6216,\n
Jul 16 08:23:57 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:57 ERROR map key name not found
Jul 16 08:23:57 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:57 WARNING data in pm_buffer reached 3073 kbytes
Jul 16 08:23:57 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:57 ERROR map key name not found
Jul 16 08:23:57 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:57 WARNING pm_buffer is full (4100 kbytes)!
Jul 16 08:23:57 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:57 ERROR map key name not found
Jul 16 08:24:00 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:00 ERROR last message repeated 296744 times
Jul 16 08:24:00 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:00 ERROR map key name not found
Jul 16 08:24:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:02 ERROR map key name not found
Jul 16 08:24:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:02 ERROR map key name not found
Jul 16 08:24:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:02 ERROR map key name not found
Jul 16 08:24:05 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:05 ERROR last message repeated 323811 times
Jul 16 08:24:05 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:05 ERROR map key name not found
Jul 16 08:24:08 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:08 ERROR last message repeated 304470 times
Jul 16 08:24:08 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:08 ERROR map key name not found
Jul 16 08:24:11 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:11 ERROR last message repeated 265201 times
Jul 16 08:24:11 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:11 ERROR map key name not found
Jul 16 08:24:14 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:14 ERROR last message repeated 254768 times
Jul 16 08:24:14 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:14 ERROR map key name not found
Jul 16 08:24:17 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:17 ERROR last message repeated 267045 times
Jul 16 08:24:17 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:17 ERROR map key name not found
Jul 16 08:24:20 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:20 ERROR last message repeated 333813 times
Jul 16 08:24:20 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:20 ERROR map key name not found
Jul 16 08:24:23 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:23 ERROR last message repeated 293331 times
Jul 16 08:24:23 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:23 ERROR map key name not found
Jul 16 08:24:26 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:26 ERROR last message repeated 274896 times
Jul 16 08:24:26 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:26 ERROR map key name not found
Jul 16 08:24:29 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:29 ERROR last message repeated 274099 times
Jul 16 08:24:29 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:29 ERROR map key name not found
Jul 16 08:24:32 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:32 ERROR last message repeated 215508 times
Jul 16 08:24:32 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:32 ERROR map key name not found
Jul 16 08:24:35 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:35 ERROR last message repeated 227820 times
Jul 16 08:24:35 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:35 ERROR map key name not found
Jul 16 08:24:38 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:38 ERROR last message repeated 215476 times
Jul 16 08:24:38 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:38 ERROR map key name not found
Jul 16 08:24:41 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:41 ERROR last message repeated 249382 times
Jul 16 08:24:41 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:41 ERROR map key name not found
Jul 16 08:24:44 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:44 ERROR last message repeated 262639 times
Jul 16 08:24:44 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:44 ERROR map key name not found
Jul 16 08:24:47 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:47 ERROR last message repeated 228055 times
Jul 16 08:24:47 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:47 ERROR map key name not found
Jul 16 08:24:50 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:50 ERROR last message repeated 244952 times
Jul 16 08:24:50 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:50 ERROR map key name not found
Jul 16 08:24:53 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:53 ERROR last message repeated 230802 times
Jul 16 08:24:53 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:53 ERROR map key name not found
Jul 16 08:24:56 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:56 ERROR last message repeated 270445 times
Jul 16 08:24:56 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:56 ERROR map key name not found
Jul 16 08:24:59 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:59 ERROR last message repeated 276170 times
Jul 16 08:24:59 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:59 ERROR map key name not found
Jul 16 08:25:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:02 ERROR map key name not found
Jul 16 08:25:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:02 ERROR map key name not found
Jul 16 08:25:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:02 ERROR map key name not found
Jul 16 08:25:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:02 ERROR map key name not found
Jul 16 08:25:05 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:05 ERROR last message repeated 218827 times
Jul 16 08:25:05 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:05 ERROR map key name not found
Jul 16 08:25:08 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:08 ERROR last message repeated 241344 times
Jul 16 08:25:08 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:08 ERROR map key name not found
Jul 16 08:25:11 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:11 ERROR last message repeated 239566 times
Jul 16 08:25:11 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:11 ERROR map key name not found
Jul 16 08:25:14 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:14 ERROR last message repeated 216182 times
Jul 16 08:25:14 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:14 ERROR map key name not found
Jul 16 08:25:17 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:17 ERROR last message repeated 219382 times
Jul 16 08:25:17 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:17 ERROR map key name not found
Jul 16 08:25:20 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:20 ERROR last message repeated 210542 times
Jul 16 08:25:20 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:20 ERROR map key name not found
Jul 16 08:25:23 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:23 ERROR last message repeated 219382 times
Jul 16 08:25:23 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:23 ERROR map key name not found
Jul 16 08:25:26 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:26 ERROR last message repeated 215193 times
Jul 16 08:25:26 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:26 ERROR map key name not found
Jul 16 08:25:29 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:29 ERROR last message repeated 218181 times
Jul 16 08:25:29 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:29 ERROR map key name not found
Jul 16 08:25:32 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:32 ERROR last message repeated 218710 times
Jul 16 08:25:32 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:32 ERROR map key name not found
Jul 16 08:25:35 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:35 ERROR last message repeated 218381 times
Jul 16 08:25:35 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:35 ERROR map key name not found
Jul 16 08:25:38 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:38 ERROR last message repeated 279278 times
Jul 16 08:25:38 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:38 ERROR map key name not found
Jul 16 08:25:41 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:41 ERROR last message repeated 254365 times
Jul 16 08:25:41 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:41 ERROR map key name not found
Jul 16 08:25:44 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:44 ERROR last message repeated 246005 times
Jul 16 08:25:44 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:44 ERROR map key name not found
Jul 16 08:25:47 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:47 ERROR last message repeated 232794 times
Jul 16 08:25:47 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:47 ERROR map key name not found
Jul 16 08:25:50 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:50 ERROR last message repeated 256292 times
Jul 16 08:25:50 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:50 ERROR map key name not found
Jul 16 08:25:53 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:53 ERROR last message repeated 210924 times
Jul 16 08:25:53 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:53 ERROR map key name not found
Jul 16 08:25:56 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:56 ERROR last message repeated 210623 times
Jul 16 08:25:56 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:56 ERROR map key name not found
Jul 16 08:25:59 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:59 ERROR last message repeated 248391 times
Jul 16 08:25:59 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:59 ERROR map key name not found
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:26:02 ERROR last message repeated 195119 times
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:26:02 ERROR map key name not found
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:26:02 ERROR map key name not found
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:26:02 ERROR map key name not found
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: <redacted: partial file path 2>' was truncated, restarting from the beginning
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:57 ERROR last message repeated 4494 times
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:57 ERROR last message repeated 821 times
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:02 ERROR last message repeated 195472 times
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:02 ERROR last message repeated 35 times
...
Jul 16 08:27:26 <redacted: hostname> nxlog[846115]: 2024-07-16 08:27:26 ERROR last message repeated 205422 times
Jul 16 08:27:26 <redacted: hostname> nxlog[846115]: 2024-07-16 08:27:26 ERROR map key name not found
Jul 16 08:27:29 <redacted: hostname> nxlog[846115]: 2024-07-16 08:27:29 ERROR last message repeated 214852 times
Jul 16 08:27:29 <redacted: hostname> nxlog[846115]: 2024-07-16 08:27:29 ERROR map key name not found
Jul 16 08:27:32 <redacted: hostname> nxlog[846115]: 2024-07-16 08:27:32 ERROR last message repeated 104496 times
Jul 16 08:27:32 <redacted: hostname> nxlog[846115]: 2024-07-16 08:27:32 ERROR map key name not found
Jul 16 08:27:36 <redacted: hostname> systemd[1]: nxlog.service: Main process exited, code=killed, status=9/KILL
Jul 16 08:27:36 <redacted: hostname> systemd[1]: nxlog.service: Failed with result 'signal'.
-- Subject: Unit failed
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- The unit nxlog.service has entered the 'failed' state with result 'signal'.The log mostly consisted of the the log file rotation messages previous to this portion of it, with the occasional notification of the reconnect. The <redacted: partial file path 2> is the second half of the previous <redacted: partial file path 1>, so everything between them got inserted in the middle of that message being written to the log.The input JSON looks very GELF-esqe, but modified since NXLog CE doesn't support a GELF input. The exact message varies per error instance, but it does seem to be a consistently larger message (I've determined this by finding the origination point of the message from within the code of the local source), hence my suspicion of the underlying source being a limitation in the network stack.Any guidance on what's going on would be great. The “map key name not found” error is pretty vague, and I can't find much about it online or in this forum, but I also think that it's just a side effect to the issues that appear to happen before it.
Caleb Hornbeck created
syslog configuration in ce edition
TomLpz created
Hello, i am trying free alternatives for our old syslog software. Before investing a lot of time can you tell me if it is possible to realize the following syslog configuration?If someone has a similar syslog cofiguration and can post an example config or give me some advice that would be really nice.environment:Windows Server 2022NxLog CE 3.2.2329syslog source:cisco asaconfiguration:filename = [source/host IP]_YYYYMMDD_[idx].txt (idx = 001..\d\d\d)automatic file rotation (max file index 250) when event time has another date than the last log file (day change) -> index starts at 001 againorfile gets bigger than 64Mafter rotation moving file to (another) date folder "YYYYMMDD" (or compressing into an date archive file)remarks:the file rotation / size splitting does not have to happen immediatelythe moving/compressing after creating new log file(s) does not have to happen immediately
TomLpz created
NXLOG CE Installation Error
ServicesDelivery created
Hi,We encounter below error during the installation where directory /opt/nxlog was not created and agent not running.
ServicesDelivery created
im_msvistalog --> Exec if or drop statement understanding problem
hkrischeu created
Hi,I am using this code snipping<Input EventLOG>Module im_msvistalogExec if ($TargetUserName == 'SYSTEM') OR ($EventType == 'VERBOSE') drop();</Input>This is working fine with my nx-Client at Windows 11. It push notification at my debian server with installed rsyslog server.But I want to have some specific ID´s from Windows Eventlog.( e.g. 5013, 10016, 4616, 6869)Can anybody point me to the right way? Thanks in Advance for every help. Heinz
hkrischeu created
