We have a requirement to send Windows Event logs over an encrypted channel with client authentication.
The issue is, the certificates in our infrastructure are stored in the Computer Certificates store with private keys that are marked as non-exportable.
Hi there,
I'm having a little trouble trying to filter events with patterndb.xml
I'm sending logs to our SIEM but despite the corresponding event ID's missing from patterndb they are still getting pushed.
I think my configuration setup is over ruling the patterndb config.
Can you please review?
Thanks for your time.
Hi,
This is my sql_fetch command :
$Retval = sql_fetch("SELECT ServerName, Transmission FROM dbo.SrvAuth WHERE ServerName = ?", $MachineCourt);
This command does find the right record based on ServerName but it is always putting the second field, $Transmission, to the value FALSE.
Hello!
I need to process input syslog events via tls.
But in the nxlog.log I have the following errors:
2020-02-18 16:19:01 INFO SSL connection accepted from XX.XX.XX.XX:52616
2020-02-18 16:19:01 ERROR SSL error, SSL_ERROR_SSL: retval 0, reason: sslv3 alert certificate unknown
2020-02-18 16:19:01 WARNING SSL connection closed from XX.XX.XX.XX:52616
When I try to DEBUG I've got the following events:
When NXLog formats the the Event Log as om_out it formats the JSON correctly
