I am having an issue with nxlog manager docker version starting up. After running docker-compose up and waiting, the webpage is never accessible. When looking in the logs I see nxlog-manager constantly exiting with code 1 and restarting. Below are some of the logs, anyone have ideas on this?
I'm trying to collect EventID 4624 and 4634 for Logon Type 10, to store RDP access to my 2 Domain Controllers.
My issue:
Additional info:
Hello, after upgrading to nxlog v5, we ran into the problem while nxlog hangs. Last message in log in 95% cases is:
2021-02-24 15:12:46 ERROR [im_msvistalog|winlog] Couldn't retrieve eventlog fields from xml, EvtRender() failed; The data area passed to a system call is too small.
We are searching for logs that triggers that condition with log_info($raw_event); and discovered:
4104 from PowerShell/Operational
My team is currently experiencing an issue with duplicate logs being produced in NXLog's outbound syslog feed. NXLog is reading from a flat file and sending a syslog feed to another machine for processing. Running a TCPdump for the incoming data on that second machine shows that multiple copies of the same log are being sent by NXlog.
Is there a package to install the 'help' button's content for NXLog-Manager's UI? When any of the help buttons are clicked in any section, an error is produced. Looking where the content should be, doesn't reflect the links the button is attempting to access. Suggestions?