responses
Dear All,
Has anyone else found issues with the latest Nxlog V3.0.22 in terms of memory. I upgraded a test system on a client and it was usng spiking up to 40% of CPU whereease 2.10 did not do this.
Also, is it possible to download 2.11.90 as the download link appears to have been removed. I even found this issue on Gitlab https://gitlab.com/nxlog-public/nxlog-ce/-/issues/17, however the link does not work.
Does anyone know if there is a repository of releases?
Cheers
Cyberkryption
Comments (2)
I would like to download the previous version and the link was removed.
You got it the file?
We are also seeing CPU usage issues with this version. Community edition 3.0.2272 will typically sit at 0% CPU usage for ~1 minute, and then spike to 65-120% of one CPU for ~1 minute. It cycles back and forth for as long as the NxLog client is running. At first we believed this was caused by the quite extensive amount exec statements we performed, but we were able to reproduce the issue with a very simple config that only loaded the im_msvistalog module and monitored a mostly unused event log (see below). We deployed to 35 servers running server 2012r2 datacenter, server 2016 datacenter, and server 2019 datacenter. How many logs/events were monitored and how busy the servers were, seemed irrelevant. Every server displayed the same issue.
We reverted back to community edition 2.11.2190 and no longer experienced the issue.
<Input windows_eventlog_defender>
Module im_msvistalog
<QueryXML>
<QueryList>
<Query Id="0">
<Select Path="Microsoft-Windows-Windows Defender/Operational">*</Select>
</Query>
</QueryList>
</QueryXML>
</Input>
<Route winserverevent_to_winserverevent_out>
Path windows_eventlog_defender => winserverevent_out
</Route>
<Output winserverevent_out>
Module om_tcp
Host cyclops.not.a.real.address.com
Port 33333
</Output>