5
responses

2020-08-17 16:31:18 INFO nxlog-ce-2.10.2150 started
2020-08-17 16:31:18 ERROR couldn't connect to udp socket on 10.0.20.99:12201; A socket operation was attempted to an unreachable network.

why I am getting this error?How can I solve this?

NXLog-CE version- 2.10.2150

AskedAugust 18, 2020 - 3:20pm

Answer (1)

Hi, the message is quite self-explainable. The line

2020-08-17 16:31:18 ERROR couldn't connect to udp socket on 10.0.20.57:12201; A socket operation was attempted to an unreachable network.

means that the network you are trying to reach via udp is not accessible for the instance of nxlog.

Please, check if you can reach the network first from the machine, also you may show us your *conf file.

Regards,

Rafal

Comments (4)

  • SB_542377's picture

    Panic Soft
    #NoFreeOnExit TRUE

    define ROOT C:\Program Files (x86)\nxlog
    define CERTDIR %ROOT%\cert
    define CONFDIR %ROOT%\conf
    define LOGDIR %ROOT%\data
    define LOGFILE %LOGDIR%\nxlog.log
    LogFile %LOGFILE%

    Moduledir %ROOT%\modules
    CacheDir %ROOT%\data
    Pidfile %ROOT%\data\nxlog.pid
    SpoolDir %ROOT%\data

    <Extension _syslog>
    Module xm_syslog
    </Extension>

    <Extension _charconv>
    Module xm_charconv
    AutodetectCharsets iso8859-2, utf-8, utf-16, utf-32
    </Extension>

    <Extension _exec>
    Module xm_exec
    </Extension>

    <Extension _fileop>
    Module xm_fileop

    # Check the size of our log file hourly, rotate if larger than 5MB
    <Schedule>
    Every 1 hour
    Exec if (file_exists('%LOGFILE%') and \
    (file_size('%LOGFILE%') >= 5M)) \
    file_cycle('%LOGFILE%', 8);
    </Schedule>

    # Rotate our log file every week on Sunday at midnight
    <Schedule>
    When @weekly
    Exec if file_exists('%LOGFILE%') file_cycle('%LOGFILE%', 8);
    </Schedule>
    </Extension>

    <Extension _gelf>
    Module xm_gelf
    </Extension>

    <Input in_win>
    Module im_msvistalog
    Query <QueryList><Query Id="0"><Select Path="Microsoft-Windows-Windows Defender/Operational">*</Select></Query></QueryList>
    Exec $Hostname = hostname();
    </Input>

    <Output out>
    Module om_udp
    Host 10.0.20.99
    Port 12201
    OutputType GELF
    </Output>

    <Route oute_win>
    Path in_win => out
    </Route>

  • SB_542377's picture

    Hii,

    yes, the nxlog stops with that error and it never retries, I have to manually restart the service to make it work again.

    windows version-1909

    This is happening after we restart the pc, so we have a slight suspicion that nxlog is trying to connect before the system could fully startup/ properly establish the network connection. we changed the startup type to the automatic delayed start, now we are just waiting to see will it work or not.

    Do you have any other thoughts about why this is happening?is it possible to force it to retry later?

    Thank you,
    Sara