Hello there,

I'm using NXLOG Community Edition, and I want to inquire about how can I just forward the events log from Windows OS without modified the original log's contents. Because, the NXLOG extracted the fields from any message. So, is there a way to avoid the extraction?

Thanks and Regard.

AskedMarch 13, 2018 - 9:13am

Comments (1)

  • tape's picture


    nxlog should have to query, read and parse the logs to prepare for further processing. However you can try using $raw_event variable as usually that contais the raw data read from the source.


Answers (0)