1 response

How to verify centralized logging is set up on a Windows server and/or endpoint

My question here is:

If I want to scan an asset to verify that event logs are getting forwarded via NXLog configuration, where will I find the evidence on the device that is sending the logs to the NXLog collector? Will this be somewhere in the registry, or should I look somewhere else?

Asked July 7, 2022 - 7:31pm

1 response

NXLog unable to keep up with logs being produced

We currently have 1 Nagios Log server to record logs and 1 Windows server with NXLog installed, which has 2 types of logs, TLIB and SIP, from one folder. There are 16 TLIB logs and only 1 SIP log with around 25 increments of each. Both generate a 51,201kb file with 429780 lines and have a total of 483 files in the log folder.

Asked July 6, 2022 - 10:56am

0 responses

[im_ssl|ssl] binary header not found at position 0 in data received

I'm receiving this error when sending Palo Alto logs to my NXLog v5 environment. On Palo Alto side, I have selected CEF format, and the Delimiter field is set to Space:" " (that's my only option)

2022-07-01 18:18:48 ERROR [im_ssl|ssl] binary header not found at position 0 in data received from logforwarding.us.cdl.paloaltonetworks.com (34.67.106.77), is input really binary?

Any ideas??

Asked July 2, 2022 - 12:28am

2 responses

Single source with 40K EPS

Hi Team,
I have a single log source that is pumping around 40K EPS, which our NX server is unable to handle. My question is: how do I increase the log ingestion capacity?
Current setup on an AWS VM:
Ubuntu 20.04 LTS
8 CPU, 32GB Ram, 32gb SSD
As per my understanding we needed to increase the number of routes tied to the input, as well as the average event size and batch sizes, hence edited the nxlog.con file with following

Asked June 30, 2022 - 9:05am

2 responses

How does NXLog-Manager Housekeep Logs

Hi,

The log folder is /opt/nxlog-manager/log

2 files will be there. nxlog-manager.log and nxlog-manager.err

How do I control the housekeeping of these 2 files?

Please kindly advise. Thanks!

Asked June 27, 2022 - 11:30am