Request trial
Request Trial

Windows Nxlog creating multiple dyn$ folders

Tags: Ubuntu 16.04
#1 lucaspro

Hi, 

I really would like some assistance in the forum - 

Here is the scenario:

Installed nxlog.c.e in Windows 2008 R2

Used the query list -to get security logs

Added that in the module - started the server - everything is fine.

I tested this in my Windows mahcine - to my Redhat server.

Works.

The issue happens when the Windows machine is registered to the domain.

Once the service is started in windows, the syslog server creates host folders which include the Windows client name  as well as a bunch of other stuff.

Such as Authlite, Process, 0 00 1  etc etc.. list goes on.

Has anyone encountered this issue?  Kindly advise.  

Additional information: 

This issue only occurs with windows client - registered in the domain.     

When the nxlog forwards information to my rsyslog server - (which uses the template dyn$ to create host folders)  I get folders with 0 00 Authlite ... etc etc.

 Is there anyway to stop this of fix it.  Again it only happens with Windows client registered in the domain.  

Permalink
#2 adm Nxlog ✓
#1 lucaspro
Hi,  I really would like some assistance in the forum -  Here is the scenario: Installed nxlog.c.e in Windows 2008 R2 Used the query list -to get security logs Added that in the module - started the server - everything is fine. I tested this in my Windows mahcine - to my Redhat server. Works. The issue happens when the Windows machine is registered to the domain. Once the service is started in windows, the syslog server creates host folders which include the Windows client name  as well as a bunch of other stuff. Such as Authlite, Process, 0 00 1  etc etc.. list goes on. Has anyone encountered this issue?  Kindly advise.   Additional information:  This issue only occurs with windows client - registered in the domain.      When the nxlog forwards information to my rsyslog server - (which uses the template dyn$ to create host folders)  I get folders with 0 00 Authlite ... etc etc.  Is there anyway to stop this of fix it.  Again it only happens with Windows client registered in the domain.  

The directories are created by your rsyslog because it cannot parse the data sent from nxlog properly.

Make sure the data sent to your rsyslog server is syslog, i.e. use to_syslog_bsd().

 
Login to see more

Subscribe to our newsletter to get the latest updates, news, and products releases.

© Copyright 2024 NXLog Ltd.

PRIVACY POLICY GENERAL TERMS OF BUSINESS