Hello

I've defined this as an input file in nxlog.conf

<Input cerberus_log> Module im_file File "C:\ProgramData\Cerberus LLC\Cerberus FTP Server\log\server.1.log" InputType LineBased PollInterval 5 <Exec> log_info("Msg <" + $raw_event + ">"); $date = substr($raw_event,1,10); $time = substr($raw_event,12,8); $cmd = substr($raw_event,23,7); $pid = substr($raw_event,32,6); $action = substr($raw_event,42); $Hostname = hostname_fqdn(); $SourceName = "Cerberus FTP Server"; $ProcessID = $pid; $EventTime = parsedate($date + " " + $time); $Message = $cmd + ": " + $action; $SyslogSeverityValue = 6; $SyslogFacilityValue = 11; </Exec> </Input>

When this input is read from the log file

[2018-03-28 09:21:48]: REPLY [ 5445] - 234 Authentication method accepted

[2018-03-28 09:21:48]:CONNECT [ 5445] - SSL connection using TLSv1.2 (ECDHE-RSA-AES256-GCM-SHA384), 256 bit encryption [2018-03-28 09:21:48]:CONNECT [ 5445] - SSL connection established [2018-03-28 09:21:48]:COMMAND [ 5445] - USER PandoraManuellt [2018-03-28 09:21:48]: REPLY [ 5445] - 331 User PandoraManuellt, password please

[2018-03-28 09:21:48]:COMMAND [ 5445] - PASS ***********

the following is logged in nxlog.log

2018-03-28 09:21:51 INFO Msg <[> 2018-03-28 09:21:51 INFO Msg <> 2018-03-28 09:21:51 INFO Msg <[> 2018-03-28 09:21:51 INFO last message repeated 3 times 2018-03-28 09:21:51 INFO Msg <> 2018-03-28 09:21:51 INFO Msg <[>

Empty lines are empty, but when a line that starts with a '[' then $raw_event only contains that character and nothing else. Why?

Mats-Ove