Hi!
We have nxlog ce running in a Windows machine. It works ok.
- If time is changed to the future, it continues forwarding logs.
- However, if time is changed to the past, logs are not forwarded anymore. This affects to logs from windows events, from a text file, etc.
It seems that nxlog is filtering the logs and that logs with a previous time than others received are discarded. Logs are forwarded again if nxlog service is restarted (this seems to be doing a 'reset' on expected time) Do you know how could we avoid this?
juanjo created
Hi, can anyone help me with the output of my nxlog.conf
I want to convert epoch time from my Bro logs;
Part of the logs:
1482865199.693051 FSYupp4bmRs8tT5Jyg 3 5A00020E4289E78C695848......
1482865200.300809 FmXyl22Uxsq1cudDd8 3 5A00020E4289E78C695848......
1482865200.203542 FAuSUU3X9pgdSJ2D2g 3 5A00020E4289E78C695848.......
1482865201.043722 F0KUdW3Nm5edyqPXLl 3 0CEAC9CAD430F24F334575.......
My current settings are
<Output o.name.log>
Module om_tcp
Host xx.xxx.xxx.xxx
Port xxxx
OutputType LineBased
</Output>
Thanks!
absolis created
