NXLOG extracted the fields from any message

Post a different question
1
response

Hello there,

I'm using NXLOG Community Edition, and I want to inquire about how can I just forward the events log from Windows OS without modified the original log's contents. Because, the NXLOG extracted the fields from any message. So, is there a way to avoid the extraction?

Thanks and Regard.

AskedMarch 13, 2018 - 9:13am

Comments (1)

  • tape's picture

    Hello,

    nxlog should have to query, read and parse the logs to prepare for further processing. However you can try using $raw_event variable as usually that contais the raw data read from the source.

    Peter

    March 13, 2018 - 1:51pm

Answers (0)