1
response

Hi all.

I'm having some windows server that are subscribed to a nxlog server, who in turn sends the windows logs to a linux/syslog server.

The syslog receives all these logs as NOTICE.USER which is not too practical.

I would want the nxlog to keep the criticity of the message when forwarding them. I would want nxlog to prefix the logs with the original log sender hostname so that they appear as $PROGRAM in syslog.

Also, is there a way to use some criterions to send logs from nxlog to syslog using different facilities (USER, MAIL, LOCALn,...) according to some criterions (real PROGRAM value for instance)

AskedMarch 15, 2022 - 4:44pm

Answer (1)

Hi

Can you share your nxlog.conf file and a syslog log sample here? What module do you use to collect the Windows logs a which function to convert to syslog format (to_syslog_ietf() or to_syslog_bsd()).

Best regards,

Nenad