I'm trying to avoid having duplicate logs send to my OSSIM server. I tried using the pm_norepeat module but to no avail.
Here the line I added in nxlog.conf file :
Path in_windows_events => sans_doublons => out_alienvault_csv
I also tried adding "CheckFields raw_event" in the processor, but I still get duplicate logs.
Does anyone know what could be the problem ?