Ask questions. Get answers. Find technical product solutions from passionate experts in the NXLog community.
README: how to ask questions effectively
gahorvath Nxlog ✓ created
Hi All,please adhere to the guidelines below to get faster responses to your queries.1 State the problem clearly:I am trying to collect logs from a log file using im_file and NXLog reads the whole file after each restart.2 Provide your configurationin a code block:
```
configuration text
```3 provide the contents of nxlog.log in a code block2023-04-12 08:00:27 INFO [CORE|main] configuration OK
2023-04-12 08:00:27 INFO [CORE|main] nxlog-5.7.7898 (68bb24e7e@REL_v5.7) started on Linux
2023-04-12 08:00:27 INFO [om_batchcompress|to_relay] connecting to lab1.home(192.168.14.52):2514
2023-04-12 08:00:27 INFO [om_batchcompress|to_relay] tcp connection established with lab1.home(192.168.14.52):2514
2023-04-12 08:00:27 INFO [xm_admin|admin] connecting to lab1.home(192.168.14.52):4041
2023-04-12 08:00:27 INFO [xm_admin|admin] tcp connection established with lab1.home(192.168.14.52):4041
2023-04-12 08:00:28 INFO [im_fim|fim] Module 'fim': FIM scan started
2023-04-12 08:00:28 ERROR [im_fim|fim] Module 'fim' could not open file '/opt/nxlog/bin/upgrade-nxsec.sh': Permission denied
2023-04-12 08:00:28 INFO [im_fim|fim] Module 'fim': FIM scan finished in 0.05 seconds. Scanned folders: 15 Scanned files: 102 Read file bytes: 156746314 provide environment descriptionNXLog CE is running on Windows 2022 server Package version is 3.2.23295 provide relevant detailsThis configuration has been working before we updated from version 2.11Now it does not6 if your problem involves parsing data provide samples of your input and expected output as well as what you actually getMy data looks like this:{"message": “message1”, "time": Thu 20 Apr 10:48:43 CEST 2023}I am getting an error:> error message hereI would like to receive the time in UNIX time (seconds since Epoch)Using this format enables us to get started much faster, and perhaps address your issue in the very first response we writeWould that not be great? :) Thanks for your cooperation!Gabor
gahorvath Nxlog ✓ created
APPCRASH on Windows in Module im_msvistalog - Logs and Config added
reesthil created
Hi,sorry, just added config an logs….We have some installations of NXLOG in Version 3.2.2339. This works fine, but every 5 to 10 minutes we find exactly 50 events showing a crash of nxlog.exe in module im_msvistalog.Problem signature: P1: nxlog.exe P2: 0.0.0.0 P3: 643951bd P4: im_msvistalog.dll P5: 0.0.0.0 P6: 643951bd P7: c0000005 P8: 00000000000045b2 P9: P10: Any suggestions how to fix that?Thanks & Best regards, Thilo nxlog.cfg:define ROOT C:\Program Files\nxlog
define CERTDIR %ROOT%\cert
define CONFDIR %ROOT%\conf
define LOGDIR %ROOT%\data
define LOGFILE %LOGDIR%\nxlog.log
LogFile %LOGFILE%
Moduledir %ROOT%\modules
CacheDir %ROOT%\data
Pidfile %ROOT%\data\nxlog.pid
SpoolDir %ROOT%\data
<Extension gelf>
Module xm_gelf
</Extension>
<Input eventlog>
Module im_msvistalog
Query <QueryList>
<Query Id="0">
<Select Path="Application"></Select>
<Select Path="System"></Select>
<Select Path="Security"></Select>
<Select Path="Microsoft-Windows-Windows Defender/Operational"></Select>
</Query>
</QueryList>
</Input>
<Output tcp>
Module om_tcp
Host graylog.xxxx.yyyy
Port 12202
OutputType GELF_TCP
Exec $Hostname = 'hostXYZ.xxxx.yyyy';
</Output>
<Route eventlog_to_udp>
Path eventlog => tcp
</Route>Crash-Event:Debug-Log atTime of Event (19:46:37)2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 1 processing event 0xa201b610
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG worker 0 got no event to process
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa201b840
2024-02-14 19:46:37 DEBUG worker 1 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d49f0
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 got no event to process
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 1 got signal for new job
2024-02-14 19:46:37 DEBUG worker 1 processing event 0xa23d48b0
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b5c0
2024-02-14 19:46:37 DEBUG worker 1 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa201b7a0
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 1 got signal for new job
2024-02-14 19:46:37 DEBUG worker 1 processing event 0xa23d47c0
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 1 processing event 0xa201b5c0
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 got no event to process
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa201b890
2024-02-14 19:46:37 DEBUG worker 1 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa23d49a0
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 1 got signal for new job
2024-02-14 19:46:37 DEBUG worker 1 processing event 0xa23d47c0
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 1 waiting for new event
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa201b5c0
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa23d4a40
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG new event in event_thread [eventlog:READ]
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: READ (eventlog)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG no events or no future events, event thread sleeping in condwait
2024-02-14 19:46:37 DEBUG worker 1 got signal for new job
2024-02-14 19:46:37 DEBUG worker 1 processing event 0xa201b570
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: READ (eventlog)
2024-02-14 19:46:37 DEBUG im_msvistalog checking for new events...
2024-02-14 19:46:37 DEBUG im_msvistalog read 21 events
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 got no event to process
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG [tcp] apr_pollset_poll was interrupted
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d4a90
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 got no event to process
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 1292 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa201b840
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b7a0
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 got no event to process
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 1449 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b7f0
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d4770
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 got no event to process
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 1292 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d4900
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b7a0
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 got no event to process
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 1292 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 1292 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b5c0
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d4810
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 got no event to process
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 1
2024-02-14 19:46:37 DEBUG om_tcp sent 1292 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 2
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 1292 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d4860
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b610
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG worker 2 got no event to process
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 1292 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b660
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d4950
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa201b610
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 got no event to process
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG [tcp] apr_pollset_poll was interrupted
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b5c0
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 got no event to process
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 1292 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa23d47c0
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d4900
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 got no event to process
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 1479 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 1292 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d4810
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b700
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 1883 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b840
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d49f0
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG worker 0 got no event to process
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 1843 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d47c0
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b7a0
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 got no event to process
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 2011 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa23d4770
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa201b5c0
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG worker 0 got no event to process
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 2019 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa201b660
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa23d4900
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 1769 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b890
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d4a90
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG worker 0 got no event to process
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 1800 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d48b0
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b5c0
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa23d4a40
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 got no event to process
2024-02-14 19:46:37 DEBUG [tcp] apr_pollset_poll was interrupted
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d49a0
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 got no event to process
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 1
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG om_tcp sent 8161 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 2
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 1843 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa201b610
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa23d4950
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 got no event to process
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG om_tcp sent 2025 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa23d47c0
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa201b840
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa201b610
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG before nx_logqueue_push, size: 0
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 got no event to process
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG [tcp] apr_pollset_poll was interrupted
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 1 processing event 0xa23d03f0
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa201b750
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got (queuesize: 0)
2024-02-14 19:46:37 DEBUG RESUME: eventlog
2024-02-14 19:46:37 DEBUG new event in event_thread [eventlog:READ]
2024-02-14 19:46:37 DEBUG module eventlog already running, skipping resume
2024-02-14 19:46:37 DEBUG future event, event thread sleeping 1000000ms in cond_timedwait
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 got no event to process
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG executing statements
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d0580
2024-02-14 19:46:37 DEBUG evaluating expression 'string literal' at C:\Program Files\nxlog\conf\nxlog.conf:34
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG worker 0 got no event to process
2024-02-14 19:46:37 DEBUG RESUME: eventlog
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG module eventlog already running, skipping resume
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG om_tcp sent 1985 bytes
2024-02-14 19:46:37 DEBUG before nx_logqueue_pop, size: 1
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa23d04e0
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG RESUME: eventlog
2024-02-14 19:46:37 DEBUG module eventlog already running, skipping resume
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG worker 1 processing event 0xa201b7f0
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG found other events (1), adding poll event to end of list
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 got no event to process
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG worker 1 processing event 0xa23d0490
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: DATA_AVAILABLE (tcp)
2024-02-14 19:46:37 DEBUG om_tcp_write
2024-02-14 19:46:37 DEBUG add socket [21]
2024-02-14 19:46:37 DEBUG socket already added to pollset with reqevents [21 != 21]
2024-02-14 19:46:37 DEBUG tcp get_next_logdata: got NULL (queuesize: 0)
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 got signal for new job
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa23d0580
2024-02-14 19:46:37 DEBUG worker 1 processing event 0xa23d0530
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: MODULE_RESUME (eventlog)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG RESUME: eventlog
2024-02-14 19:46:37 DEBUG module eventlog already running, skipping resume
2024-02-14 19:46:37 DEBUG worker 1 waiting for new event
2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 0 processing event 0xa23d03f0
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 got no event to process
2024-02-14 19:46:37 DEBUG worker 2 waiting for new event
2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 1 got signal for new job
2024-02-14 19:46:37 DEBUG worker 1 processing event 0xa23d0490
2024-02-14 19:46:37 DEBUG worker 0 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
2024-02-14 19:46:37 DEBUG [tcp] no poll events, pollset_poll timed out
2024-02-14 19:46:37 DEBUG nx_event_to_jobqueue: POLL (tcp)
2024-02-14 19:46:37 DEBUG event added to jobqueue
2024-02-14 19:46:37 DEBUG worker 2 got signal for new job
2024-02-14 19:46:37 DEBUG worker 2 processing event 0xa23d04e0
2024-02-14 19:46:37 DEBUG worker 1 waiting for new event
2024-02-14 19:46:37 DEBUG PROCESS_EVENT: POLL (tcp)
2024-02-14 19:46:37 DEBUG nx_module_pollset_poll: tcp
reesthil created
Receiving Windows DHCP logs are missing
Chung Wang created
Please give me some advice. When I used nxlog to receive DHCP server logs, I found that the logs were missing and the nxlog logs showed error messages. INFO inode changed for 'E:\DHCP\DhcpSrvLog-Fri.log' (56→56): reopening possibly rotated file
Chung Wang created
UDP JSON parsing issues: premature EOF, trailing garbage
Caleb Hornbeck created
I'm encountering some errors with a combination of JSON and UDP inputs/processing. After these errors start occurring, the nxlog process eventually gets killed by the system (or maybe crashes? I'm having a hard time determining that at this point.). It appears that nxlog receives some unexpected data via UDP, and then gets into some sort of loop about “map key name not found” until it eventually crashes. Based on the log below, I'm wondering if it has to do with fragmentation of the UDP packets, maybe receiving them out of order and not being reassembled properly before it gets to the point of being processed by the JSON transformer in NXlog?This particular instance is on a Rocky Linux 8 server, with nxlog-ce-3.2.2329. The general setup here is a local source sends JSON messages over UDP to nxlog via 127.0.0.1, and then nxlog handles the secure connection for sending the message to our Graylog server.Here's the applicable portion of the config. (Edit: I have no idea what's going on with the formatting of this code block; I've tried editing it several times, but I can't seem to get it to look normal. I'll just take it out of a code block and put some markers around it.)~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~<Output gelf> Module om_ssl Host <redacted: jinja2 var> Port 12202 AllowUntrusted True OutputType GELF_TCP <Exec> # These fields are needed for Graylog $gl2_source_collector = '<redacted: jinja2 var>'; $collector_node_id = '<redacted: jinja2 var>'; </Exec> <Schedule> When <redacted: jinja2 var> Exec reconnect(); </Schedule></Output><Input local_json_udp> Module im_udp Host 127.0.0.1 Port 12201 SockBufSize 150000000</Input><Processor local_json_udp_buffer> Module pm_buffer MaxSize 4096 Type Mem WarnLimit 3072</Processor><Processor local_json_udp_transform> Module pm_transformer InputFormat JSON</Processor><Route upd_fwd> Priority 1 Path local_json_udp => local_json_udp_buffer => local_json_udp_transform => gelf</Route>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~This is a relatively old config, so there are some things that have just been copied from previous versions as it's evolved, such as the 150M socket buffer on the UDP input, but only 4K on the internal buffer. Feel free to comment on changes to those, too.Here's the portion of the log from just before where the issue starts through the process crash, with sensitive data redacted. This is from the system journal. I don't believe the log file rotation ins part of the issue, but I included them for timing reference.Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:21:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:21:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:21:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:21:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:21:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:21:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:21:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:22:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:22:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:22:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:22:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:22:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:23:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:23:57 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:02 INFO input file '<redacted: partial file path 1>2024-07-16 08:23:57 ERROR failed to parse json string, parse error: premature EOF; {"short_message":"[backtrace] A; (right here) ------^; [{"short_message":"[backtrace] A query is being a memory hog","full_message":"\n\t\t\t\tSELECT <redacted: mysql fields>\n\t\t\t\tFROM <redacted: mysql table>\n\t\t\t\tLEFT JOIN <redacted: mysql join> \nLEFT JOIN <redacted: mysql join> \nLEFT JOIN <redacted: mysql join> \n\t\t\t\tWHERE d.id IN(8654)\n\t\t\t\t\n\t\t\t\t\n\t\t\t\tORDER BY d.title ASC\n\t\t\t\t\n\t\t\t","SourceModuleType":"app_generated_msg","SourceModuleName":"php_graylog","SourceName":"app_pro_memory_log","memory_usage":200308768,"query_instance":"c32d1cc9f5caa42fa04a63761a736e71","backtrace":"[\n {\n \"file\": \"<redacted: truncated json-escaped path>
Jul 16 08:23:57 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:57 ERROR failed to parse json string, parse error: trailing garbage; 6182,\n 6186,\n ; (right here) ------^; [ 6182,\n 6186,\n 6187,\n 6188,\n 6189,\n 6190,\n 6191,\n 6192,\n 6193,\n 6194,\n 6195,\n 6196,\n 6197,\n 6198,\n 6199,\n 6200,\n 6201,\n 6203,\n 6204,\n 6205,\n 6206,\n 6207,\n 6208,\n 6209,\n 6210,\n 6211,\n 6212,\n 6213,\n 6214,\n 6215,\n 6216,\n
Jul 16 08:23:57 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:57 ERROR map key name not found
Jul 16 08:23:57 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:57 WARNING data in pm_buffer reached 3073 kbytes
Jul 16 08:23:57 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:57 ERROR map key name not found
Jul 16 08:23:57 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:57 WARNING pm_buffer is full (4100 kbytes)!
Jul 16 08:23:57 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:57 ERROR map key name not found
Jul 16 08:24:00 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:00 ERROR last message repeated 296744 times
Jul 16 08:24:00 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:00 ERROR map key name not found
Jul 16 08:24:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:02 ERROR map key name not found
Jul 16 08:24:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:02 ERROR map key name not found
Jul 16 08:24:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:02 ERROR map key name not found
Jul 16 08:24:05 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:05 ERROR last message repeated 323811 times
Jul 16 08:24:05 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:05 ERROR map key name not found
Jul 16 08:24:08 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:08 ERROR last message repeated 304470 times
Jul 16 08:24:08 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:08 ERROR map key name not found
Jul 16 08:24:11 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:11 ERROR last message repeated 265201 times
Jul 16 08:24:11 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:11 ERROR map key name not found
Jul 16 08:24:14 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:14 ERROR last message repeated 254768 times
Jul 16 08:24:14 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:14 ERROR map key name not found
Jul 16 08:24:17 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:17 ERROR last message repeated 267045 times
Jul 16 08:24:17 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:17 ERROR map key name not found
Jul 16 08:24:20 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:20 ERROR last message repeated 333813 times
Jul 16 08:24:20 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:20 ERROR map key name not found
Jul 16 08:24:23 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:23 ERROR last message repeated 293331 times
Jul 16 08:24:23 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:23 ERROR map key name not found
Jul 16 08:24:26 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:26 ERROR last message repeated 274896 times
Jul 16 08:24:26 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:26 ERROR map key name not found
Jul 16 08:24:29 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:29 ERROR last message repeated 274099 times
Jul 16 08:24:29 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:29 ERROR map key name not found
Jul 16 08:24:32 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:32 ERROR last message repeated 215508 times
Jul 16 08:24:32 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:32 ERROR map key name not found
Jul 16 08:24:35 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:35 ERROR last message repeated 227820 times
Jul 16 08:24:35 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:35 ERROR map key name not found
Jul 16 08:24:38 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:38 ERROR last message repeated 215476 times
Jul 16 08:24:38 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:38 ERROR map key name not found
Jul 16 08:24:41 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:41 ERROR last message repeated 249382 times
Jul 16 08:24:41 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:41 ERROR map key name not found
Jul 16 08:24:44 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:44 ERROR last message repeated 262639 times
Jul 16 08:24:44 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:44 ERROR map key name not found
Jul 16 08:24:47 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:47 ERROR last message repeated 228055 times
Jul 16 08:24:47 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:47 ERROR map key name not found
Jul 16 08:24:50 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:50 ERROR last message repeated 244952 times
Jul 16 08:24:50 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:50 ERROR map key name not found
Jul 16 08:24:53 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:53 ERROR last message repeated 230802 times
Jul 16 08:24:53 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:53 ERROR map key name not found
Jul 16 08:24:56 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:56 ERROR last message repeated 270445 times
Jul 16 08:24:56 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:56 ERROR map key name not found
Jul 16 08:24:59 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:59 ERROR last message repeated 276170 times
Jul 16 08:24:59 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:59 ERROR map key name not found
Jul 16 08:25:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:02 ERROR map key name not found
Jul 16 08:25:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:02 ERROR map key name not found
Jul 16 08:25:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:02 ERROR map key name not found
Jul 16 08:25:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:02 ERROR map key name not found
Jul 16 08:25:05 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:05 ERROR last message repeated 218827 times
Jul 16 08:25:05 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:05 ERROR map key name not found
Jul 16 08:25:08 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:08 ERROR last message repeated 241344 times
Jul 16 08:25:08 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:08 ERROR map key name not found
Jul 16 08:25:11 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:11 ERROR last message repeated 239566 times
Jul 16 08:25:11 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:11 ERROR map key name not found
Jul 16 08:25:14 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:14 ERROR last message repeated 216182 times
Jul 16 08:25:14 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:14 ERROR map key name not found
Jul 16 08:25:17 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:17 ERROR last message repeated 219382 times
Jul 16 08:25:17 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:17 ERROR map key name not found
Jul 16 08:25:20 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:20 ERROR last message repeated 210542 times
Jul 16 08:25:20 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:20 ERROR map key name not found
Jul 16 08:25:23 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:23 ERROR last message repeated 219382 times
Jul 16 08:25:23 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:23 ERROR map key name not found
Jul 16 08:25:26 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:26 ERROR last message repeated 215193 times
Jul 16 08:25:26 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:26 ERROR map key name not found
Jul 16 08:25:29 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:29 ERROR last message repeated 218181 times
Jul 16 08:25:29 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:29 ERROR map key name not found
Jul 16 08:25:32 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:32 ERROR last message repeated 218710 times
Jul 16 08:25:32 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:32 ERROR map key name not found
Jul 16 08:25:35 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:35 ERROR last message repeated 218381 times
Jul 16 08:25:35 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:35 ERROR map key name not found
Jul 16 08:25:38 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:38 ERROR last message repeated 279278 times
Jul 16 08:25:38 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:38 ERROR map key name not found
Jul 16 08:25:41 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:41 ERROR last message repeated 254365 times
Jul 16 08:25:41 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:41 ERROR map key name not found
Jul 16 08:25:44 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:44 ERROR last message repeated 246005 times
Jul 16 08:25:44 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:44 ERROR map key name not found
Jul 16 08:25:47 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:47 ERROR last message repeated 232794 times
Jul 16 08:25:47 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:47 ERROR map key name not found
Jul 16 08:25:50 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:50 ERROR last message repeated 256292 times
Jul 16 08:25:50 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:50 ERROR map key name not found
Jul 16 08:25:53 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:53 ERROR last message repeated 210924 times
Jul 16 08:25:53 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:53 ERROR map key name not found
Jul 16 08:25:56 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:56 ERROR last message repeated 210623 times
Jul 16 08:25:56 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:56 ERROR map key name not found
Jul 16 08:25:59 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:59 ERROR last message repeated 248391 times
Jul 16 08:25:59 <redacted: hostname> nxlog[846115]: 2024-07-16 08:25:59 ERROR map key name not found
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:26:02 ERROR last message repeated 195119 times
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:26:02 ERROR map key name not found
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:26:02 ERROR map key name not found
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:26:02 ERROR map key name not found
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: <redacted: partial file path 2>' was truncated, restarting from the beginning
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:57 ERROR last message repeated 4494 times
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:23:57 ERROR last message repeated 821 times
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:02 ERROR last message repeated 195472 times
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:02 INFO input file '<redacted: file path>' was truncated, restarting from the beginning
Jul 16 08:26:02 <redacted: hostname> nxlog[846115]: 2024-07-16 08:24:02 ERROR last message repeated 35 times
...
Jul 16 08:27:26 <redacted: hostname> nxlog[846115]: 2024-07-16 08:27:26 ERROR last message repeated 205422 times
Jul 16 08:27:26 <redacted: hostname> nxlog[846115]: 2024-07-16 08:27:26 ERROR map key name not found
Jul 16 08:27:29 <redacted: hostname> nxlog[846115]: 2024-07-16 08:27:29 ERROR last message repeated 214852 times
Jul 16 08:27:29 <redacted: hostname> nxlog[846115]: 2024-07-16 08:27:29 ERROR map key name not found
Jul 16 08:27:32 <redacted: hostname> nxlog[846115]: 2024-07-16 08:27:32 ERROR last message repeated 104496 times
Jul 16 08:27:32 <redacted: hostname> nxlog[846115]: 2024-07-16 08:27:32 ERROR map key name not found
Jul 16 08:27:36 <redacted: hostname> systemd[1]: nxlog.service: Main process exited, code=killed, status=9/KILL
Jul 16 08:27:36 <redacted: hostname> systemd[1]: nxlog.service: Failed with result 'signal'.
-- Subject: Unit failed
-- Defined-By: systemd
-- Support: https://lists.freedesktop.org/mailman/listinfo/systemd-devel
--
-- The unit nxlog.service has entered the 'failed' state with result 'signal'.The log mostly consisted of the the log file rotation messages previous to this portion of it, with the occasional notification of the reconnect. The <redacted: partial file path 2> is the second half of the previous <redacted: partial file path 1>, so everything between them got inserted in the middle of that message being written to the log.The input JSON looks very GELF-esqe, but modified since NXLog CE doesn't support a GELF input. The exact message varies per error instance, but it does seem to be a consistently larger message (I've determined this by finding the origination point of the message from within the code of the local source), hence my suspicion of the underlying source being a limitation in the network stack.Any guidance on what's going on would be great. The “map key name not found” error is pretty vague, and I can't find much about it online or in this forum, but I also think that it's just a side effect to the issues that appear to happen before it.
Caleb Hornbeck created
Unable to download Community addition
damiany@terrane.net created
I havent been able to download the files for any of the community edition agents. https://nxlog.co/downloads/nxlog-ce#nxlog-community-edition , select the OS version and click Download. 5 sec later I get a pop up stating “Undefined”. I have tried on different Browsers, platforms, and workstations and there is no change in the behavior.
damiany@terrane.net created
The NXLOG Process 100% CPU Load after Server restart.
Wolfgang E created
Hi NXLOG Community,the NXLOG Process 100% CPU Load after Server restart on Windows Systems.The Problemcause is simple but i dont understand why.A Handfull of Servers whit much logfiles (nxlogconfiguration use Wildcard for logfolder(s)).The Logfiles are written in the Cachefile and looks okay. But it feels like digs through all log files.Small footage of a Configuration:<Input catalina>
Module im_file
File 'C:\Tomcat\logs\\catalina*.log'
Recursive True
PollInterval 30
SavePos True
CloseWhenIdle True
<Exec>
#parse date
if $raw_event =~ /(\d\d\-\S\S\S-\d\d\d\d \d\d:\d\d:\d\d)/ $EventTime = strptime($1, '%d-%b-%Y%t%H:%M:%S');
# Now set the severity to something custom. This defaults to 'INFO' if unset.
if $raw_event =~ /\sSEVERE\s/ $Severity = 'CRITICAL';
else if $raw_event =~ /\sERROR\s/ $Severity = 'ERROR';
else if $raw_event =~ /\sWARN\s/ $Severity = 'WARNING';
else $Severity = 'INFO';
# The facility can be also set, otherwise the default value is 'USER'.
$SyslogFacility = 'AUDIT';
</Exec>
</Input>We use the Last CE Version.: nxlog-ce-3.2.2329Thanks, regards Wolfgang
Wolfgang E created
syslog configuration in ce edition
TomLpz created
Hello, i am trying free alternatives for our old syslog software. Before investing a lot of time can you tell me if it is possible to realize the following syslog configuration?If someone has a similar syslog cofiguration and can post an example config or give me some advice that would be really nice.environment:Windows Server 2022NxLog CE 3.2.2329syslog source:cisco asaconfiguration:filename = [source/host IP]_YYYYMMDD_[idx].txt (idx = 001..\d\d\d)automatic file rotation (max file index 250) when event time has another date than the last log file (day change) -> index starts at 001 againorfile gets bigger than 64Mafter rotation moving file to (another) date folder "YYYYMMDD" (or compressing into an date archive file)remarks:the file rotation / size splitting does not have to happen immediatelythe moving/compressing after creating new log file(s) does not have to happen immediately
TomLpz created
NXLOG CE Installation Error
ServicesDelivery created
Hi,We encounter below error during the installation where directory /opt/nxlog was not created and agent not running.
ServicesDelivery created
exclude in im_file
HenkPuister created
I'm trying to configure an Exclude in im_file. I want to exclude logs with a date and number at the end of the filename. These files are already processed.Config:<Input PPS> Module im_file InputType multi_PPS File '%LOGDIR%\\*.log' # PPSPortaalManager_24-05-24_2.log Exclude '*_??-??-??_*.log' #. I've tried several notations, eg. double quotes instead of single, escaping the questionmarks. But none of them work. Searching for examples leads to 1 of 2 examples, which are very common examples, and none of them with wildcards.Using nxlog-ce-3.2.2329 .Has anyone a good, and working, example how to user Exclude in im_file?
HenkPuister created
Is it possible to use a variable in a regex?
Lala10040 created
Hello all, In the below code, “CID.*” is the regex that im using but in order to make the code generic I need to use a variable instead of regex, kindly let me know the fix for it or a way to go arround it . Main issue: I need to run “supressed” function for every different log separately such that one log of every type is suppressed.Thanks!!<Processor dup_drop>
Module pm_evcorr
<Suppressed>
Condition $raw_event =~ /CID.*/
Interval 90
Exec $MSG = $raw_event;
</Suppressed>
</Processor>
Lala10040 created
NXLog CE failing to connect our SIEM sensor (syslog server)
lordtsmc842 created
Hello there,I am experiencing the same reconnection issues on some VMs (Windows Server 2016 10.0.14393), but Nxlog connects successfully to our SIEM syslog sensor over port 601 from other VMs. When I run the netstat command on the affected servers, I see an “ESTABLISHED” connection between the server and the sensor (syslog server). The Windows firewall is disabled on all our servers.From the syslog server, there's a trace of successful packet exchange between the servers and the sensor. But I cannot see the Windows events in our SIEM platform.I have updated Nxlog CE to the latest version. Please help me resolve this issue.Thank you,Delvain
lordtsmc842 created
Clarification on using NXLog community edition for Commercial purpose
krishna created
I am considering using NXLog Community Edition for a commercial application and wanted to confirm if this is permissible under the NXLog Public License. Are there any restrictions or limitations I should be aware of when using the Community Edition in a commercial setting? Additionally, could you please highlight the major differences between the Community and Enterprise editions that could impact a commercial deployment? Thank you for your assistance!
krishna created
The MSI file seems to not be installing
CyberIke created
Whenever I try to run the .msi to install the Nxlog CE I get this error message Am doing something incorrectly or is the download file broken?
CyberIke created
Possible to have 2 different <Output Out> outbound configurations for 2 different log collectors?
smohammed@frgi.com created
Hello all. I wanted to know if anyone has had any luck or if it is possible to add a second <Output Out> configuration to the current nxlog.conf? Currently want to test a new log collector (Taegis) along side our current collector (Masergy) so we have streaming logs concurrently to each collector. e.gOutput out1> Module om_tcp Host 192.168.1.100 Port 514</Output> # Define the output to send logs to the second destination IP<Output out2> Module om_tcp Host 192.168.1.101 Port 514</Output> Thank you.
smohammed@frgi.com created
High time differences between event time and event received time
mig020 created
I'm currently using nxlog to collect windows event log and notice in the local log file there are time differences between event time and event received time. Event received time was about half an hour behind event time, any idea what would cause this to happen?
mig020 created
Any best ways to filter out the heartbeat logs from Azure
lauzeroo created
I noticed that many Azure heartbeat logs will send to SIEM, if i want to config the nxlog output file, how to filter it out and make it not send the logs to SIEM? Thanks.
lauzeroo created
nxlog-ce-3.2.2329.msi installer hashes/checksums
techsupport created
Hi,Understand that the Community Edition .msi installer are not digitally signed and there are previous discussion on this. Hope that I can some answers on where I can get the hashes for nxlog-ce-3.2.2329.msi to verify the file downloaded.The following are the Hash values I got for my downloaded fileMD5: 31862b5f58bbd07c82fc5b3b507a3fd1SHA1: 3b9ef0f6886d57601b9a072554cd78d7870f1866 Thank you very much.
techsupport created
Combine syslog and json
kristoffer created
This might seem as an odd thing, but I have a need where I want to combine syslog as well as json in the same message. Syslog should be combined (without the message field) with the complete $raw_event as json. I've successfully converted the entire thing to json with $json_message = to_json();However when I attempt the same thing with to_syslog_ietf(); an error is thrown. How would I achieve this behaviour with CE?Couldn't parse Exec block at C:\Path\nxlog.conf:58; couldn't parse statement at line 72, character 42 in C:\Path\nxlog.conf; function 'to_syslog_ietf()' does not exist or take different arguments.
kristoffer created
Issue with nxlog agent sending logs containing IP instead of hostname
LM_19 created
Hello,My current architecture is a windows nxlog agent sending logs to a remote syslog server. The agent is translating Windows event logs to json encapsulated syslog before sending them.I've encountered an inconsistency with the hostname field of the sent log, most of the sent logs contain the hostname as expected, but some only contains the IP address which creates a mess on the sorting I made on the remote syslog server.I haven't tried anything yet as I don't really know where to look for. My take is that it is a windows event log issue that can't be fixed but i'd like your opinions.Thank you for your help.
LM_19 created
