Hi, I'm currently outputting my desired log into a specific folder. I'm attempting to rotate the output file by size. Is there any limitations if i'm not under a enterprise license? Anyway this is the error i'm getting: ERROR failed to determine file size of 'APPLOGFILE': The system cannot find the file specified. This is my config Panic Soft #NoFreeOnExit TRUE define ROOT C:\Program Files (x86)\nxlog define CERTDIR %ROOT%\cert define CONFDIR %ROOT%\conf define LOGDIR %ROOT%\data define LOGFILE %LOGDIR%\nxlog.log LogFile %LOGFILE% Moduledir %ROOT%\modules CacheDir %ROOT%\data Pidfile %ROOT%\data\nxlog.pid SpoolDir %ROOT%\data define APPLOGFILE'/Program Files/Nxlog/Parsed_syslog/my_parsed.log' <Extension _fileop> Module xm_fileop </Extension> <Extension exec> Module xm_exec </Extension> <Extension syslog> Module xm_syslog </Extension> <Extension charconv> Module xm_charconv AutodetectCharsets utf-8, euc-jp, utf-16, utf-32, iso8859-2 </Extension> <Extension json> Module xm_json </Extension> <Extension multiline_header> Module xm_multiline HeaderLine /[\d\t .:]+ [1A-Za-z-]+ [MXZa-z-]+ [\d.\/-]+ [\d:]+ CEST \|/ </Extension> #5140 udp listenner <Input udp_my_listenner> Module im_udp Host 0.0.0.0 Port 5140 </Input> #writes input to a file <Output my_raw_to_file> Module om_file File '/Nxlog/Raw_syslog/'+ strftime(now(),'_%Y_%m_%d') + '_my_raw.log' </Output> <Input raw_udp_file> Module im_file SavePos True ReadFromLast True File '/Nxlog/Raw_syslog/'+ strftime(now(),'_%Y_%m_%d') + '_my_raw.log' InputType multiline_header <Exec> $type = 'my Log'; $SourceModuleName = 'NxLog'; $SourceModuleType = 'my Log Source'; $Message = $raw_event; if not (($raw_event =~ /TEST REGEX/)) drop(); </Exec> </Input> <Processor norepeat> Module pm_norepeat CheckFields Hostname, Message, SourceName </Processor> #output of the transformation <Output my_json_out> Module om_file File 'D:/Program Files/Nxlog/Parsed_syslog/my_parsed.log' Exec $raw_event = to_json(); <Schedule> Every 30 sec <Exec> if(file_size('APPLOGFILE') >= 100M) { file_cycle('APPLOGFILE',500); my_json_out->reopen(); } </Exec> </Schedule> </Output> #1st route <Route udp_to_file> Path udp_my_listenner => my_raw_to_file </Route> #2nd route <Route udp_file_to_json_file> Path raw_udp_file => norepeat => my_json_out </Route> What am i doing wrong? can anyone suggest a better config? This is my first time configuring log rotation via nxlog. What i would like to achieve as and output is that every x seconds if the file exceeds 100MB it's rotated and a new file is created.

Hello, I'm trying to use the log rotation functionality of nxlog but when nxlog tries to rotate is get the follow error message: Error failed to rename file from C:\Users\me\Desktop\pfirewall.log to C:\Users\me\Desktop\pfirewall.log.1: The process cannot access the file because it is being used by another process. Is there anyway to get around this? Here is my nxlog.conf define ROOT C:\Program Files (x86)\nxlog Moduledir %ROOT%\modules CacheDir %ROOT%\data Pidfile %ROOT%\data\nxlog.pid SpoolDir %ROOT%\data LogFile %ROOT%\data\nxlog.log define FWLOG C:\Users\me\Desktop\pfirewall.log <Extension _syslog> Module xm_syslog </Extension> <Extension fileop> Module xm_fileop </Extension> <Input FWLOG> Module im_file File '%FWLOG%' InputType LineBased SavePos TRUE </Input> <Output OUT> Module om_file File '%FWLOG%' &lt;Schedule&gt; Every 10 sec Exec if (file_size('%FWLOG%') &gt;= 1K) \ { \ file_cycle('%FWLOG%',10); \ OUT-&gt;reopen(); \ } &lt;/Schedule&gt; </Output> <Route 1> Path FWLOG => OUT </Route>