Hi all,
I am new here, so hello.
I am trying to work out a solution to collect IIS Access Log data from Azure App Services and then forward to a SIEM such as Splunk, Loggly or ElasticSearch for Security analysis, Anomoly identification and alerting.
hi,
Is somebody has got an experience of im_dbi ?
I tried this example but /tmp/output is filled of blank char ?
I checked nxlog log at starting, everything is OK.
Driver mysql has been installed correcly
Hello!
I've been fighting for a week, but the ideas have ended.
When you delete files, Windows generates 2 Events 4663 then 4660.
In EventID:4663 there is a file name, in EventID:4660 there is a result.
The Marker can use the EventRecordID, which will differ by 1 for these two events.
The idea with the help pm_evcorr add in EventID:4663 field from EventID:4660.
As far as I understood, the design should be this:
1. EventID:4663 arrives
Hello!
I'm trying to deploy nxlog with GPO on windows, but sims like MSI package from https://nxlog.co/products/nxlog-community-edition/download not working properly.
After creating GPO nothing happens, I have tried install as well with scrip (cmd /c Msiexec /I \\file server\share\nxlog-ce-2.9.1716.msi /qn) nothing.
Hello everybody,
I'm sorry to bother you with another question concerning Windows Eventlog forwarding to graylog. Unfortunately I'm not able to figure this out on my own.
used versions:
nxlog 2.10.2102 (running on Windows Server 2016)
graylog 2.4.6 (running on Debian 9)
I have two nxlog setups. One using syslog and another one using GELF. Both do not work as I would expect.
1. Syslog
