Community Forum

Post a question
1
answer

Windows 2012r2 (and possibly others) NXLog parsing issue?

Hello,

We are using NXLog extensively and just recently started seeing some parsing issues, so far specifically on Windows 2012r2 using Windows Event Forwarding, but could be others. It appears to be something with processing self-closed tags at first glance, but I've done a little bit of testing myself and couldn't directly reproduce the problem (so far), so figured I'd come here for guidance. Specific details are included below.

AskedOctober 31, 2019 - 1:12pm
0
answers

The log files are not providing me enough information to figure out whats wrong!!

Here are the error messages:

2019-10-30 11:38:17 INFO nxlog-ce-2.10.2150 started
2019-10-30 11:38:22 WARNING stopping nxlog service
2019-10-30 11:38:22 WARNING nxlog-ce received a termination request signal, exiting...

Conf file:

define ROOT C:\Program Files (x86)\nxlog

Moduledir %ROOT%\modules
CacheDir %ROOT%\data
Pidfile %ROOT%\data\nxlog.pid
SpoolDir %ROOT%\data
LogFile %ROOT%\data\nxlog.log

AskedOctober 30, 2019 - 8:10pm
1
answer

xm_filelist module configuration

There is no detailed description of the use of the xm_filelist module in the manual.
I made a configuration based on the guide https://nxlog.co/question/4095/drop-win-event-message-based-text-file-content, but it does not work.
Help me, why the configuration does not work?

<Extension Testlist>
Module xm_filelist
File "c:\logs\List\Testlist.txt"
CheckInterval 600
</Extension>

AskedOctober 28, 2019 - 4:53pm
0
answers

xm_filelist module configuration

There is no detailed description of the use of the xm_filelist module in the manual.
I made a configuration based on the guide https://nxlog.co/question/4095/drop-win-event-message-based-text-file-content, but it does not work.
Help me, why the configuration does not work?

<Extension Testlist>
Module xm_filelist
File "c:\logs\List\Testlist.txt"
CheckInterval 600
</Extension>

AskedOctober 28, 2019 - 4:52pm
1
answer

Some windows devices not reporting while the majority will

Good day everyone!

I am starting to use NXLog:CE in my environment and am having a few windows devices not reporting to my Observium server. I have the same .conf deployed across all windows devices. I am attempting to pattern hunt what could be different but being enterprise devices they are not configured much differently. I have a local debug file running and I am seeing events being written on all devices.

AskedOctober 23, 2019 - 3:08am

Pages