I cannot seem to get NXLog to ship IIS Logs to LogAnalyzer. It is collecting Event logs perfectly. I have commented out all event logs in an attempt to isolate just IIS flow and there is nothing.
define ROOT C:\\Program Files (x86)\\nxlog
define ROOT_STRING C:\\Program Files (x86)\\nxlog
define CERTDIR %ROOT%\\cert
# Include fileop while debugging, also enable in the output module below
# Module xm_fileop
# Module xm_syslog
Exec $Message = to_json();
# Windows Event Log
# Uncomment im_msvistalog for Windows Vista/2008 and later
# Module im_msvistalog
#Uncomment im_mseventlog for Windows XP/2000/2003
# Exec $Message = to_json();
# Exec if ($EventID == 5156) drop();
# Exec if ($EventID == 4656) drop();
# Exec if ($EventID == 4658) drop();
Path internal, eventlog => out
I am sure I am missing something simple. I have tried file path quotes (single and double), several different Input configs with varying levels of detail, I have tried variations of the wildcard to pull the log file, I even tried changing to double slashes in the file path (grasping at straws with that one).....
Any ideas would be appreicated...