I am trying to use NXLog to forward logs from a file on one computer to a file on another computer. I am new to NXLog but feel like I now have a good handle on it after consulting the documentation. Below is my configuration file for first the "from" computer and then the "to" computer. However, it does not seem to work.

I think the problem lies in one or more of the following:

- NXLog config file
- AWS Windows ec2 box ip/port setup
- Network setup

Here is what I have done:

"From" computer NXLog config file:

define ROOT C:\Program Files (x86)\nxlog

Moduledir %ROOT%\modules
CacheDir %ROOT%\data
Pidfile %ROOT%\data\nxlog.pid
SpoolDir %ROOT%\data
LogFile %ROOT%\data\nxlog.log

<Extension _syslog>
    Module xm_syslog
</Extension>

<Input file>
    Module      im_file
    File        "C:\Logs\AllLogItems.txt"
    InputType   LineBased
</Input>

<Output tcp>
    Module      om_tcp
    Host        52.91.47.52
    Port        3389
    OutputType  LineBased
</Output>

<Route 1>
    Path        file => tcp
</Route>

"To" computer NXLog config file:

define ROOT C:\Program Files (x86)\nxlog

Moduledir %ROOT%\modules
CacheDir %ROOT%\data
Pidfile %ROOT%\data\nxlog.pid
SpoolDir %ROOT%\data
LogFile %ROOT%\data\nxlog.log

<Extension _syslog>
    Module       xm_syslog
</Extension>

<Input in>
    Module       im_tcp
    InputType    LineBased
</Input>

<Output out>
    Module       om_file
    File         "C:\Users\Administrator\logs\\nxlog_test.txt"
    CreateDir    FALSE
    Truncate     FALSE
    OutputType   LineBased
</Output>

<Route 1>
    Path        in => out
</Route>

For the "to" computer, according to the documentation, if no Host is specified, localhost is the default.

When I start the NXLog service on the "from" computer this is what the log looks like:

2016-01-21 19:37:05 INFO nxlog-ce-2.9.1504 started
2016-01-21 19:37:05 INFO connecting to 52.91.47.52:3389

And then when I run my application, which will write logs (which will then cause nxlog to react), the nxlog log looks like this:

2016-01-21 19:37:05 INFO nxlog-ce-2.9.1504 started
2016-01-21 19:37:05 INFO connecting to 52.91.47.52:3389
2016-01-21 19:40:25 INFO reconnecting in 1 seconds
2016-01-21 19:40:26 INFO connecting to 52.91.47.52:3389

When I start NXLog on the "to" computer, everything seems to be fine as the nxlog log file looks like this:

2016-01-22 01:05:04 INFO nxlog-ce-2.9.1504 started

Now, the "to" computer is an AWS ec2 Windows box. The port I'm using in the nxlog config (3389) is the RDP port assigned to the instance:

My thought was that even though the nxlog log didn't show an error, this port was causing issues as it may be in use. Hence, I tried to open some more tcp ports (5000-5010) as shown in the picture. However, when I try any of these ports (5000-5010) in the nxlog config file, I get this error:

2016-01-21 19:50:32 INFO nxlog-ce-2.9.1504 started
2016-01-21 19:50:32 INFO connecting to 52.91.47.52:5005
2016-01-21 19:50:53 INFO reconnecting in 1 seconds
2016-01-21 19:50:53 ERROR couldn't connect to tcp socket on 52.91.47.52:5005; A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.

I kind of expected this as when I go to a site like yougetsignal.com, it still says that ports 5000-5010 are closed. So it might be a problem with this.

I've tried to debug this for days and have run out of options. Thanks for your help.

frankgreco

1 Answer

For the "to" computer, according to the documentation, if no Host is specified, localhost is the default.

Yes, but localhost (which is normally 127.0.0.1) is not accessible from the outside so you need to make it listen on an address that is accessible. Your im_tcp input instance needs this:

Host 0.0.0.0

You should also specify the port there.

b0ti
  • Yep. If I would've read the documentation more closely I would've caught this. Also, for completeness sake, I needed to change the port from 339 (RDP of the ec2 instance) to a different port (I used 5000). – frankgreco Jan 22 '16 at 15:02
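A connectivity check for the three situations seen in this thread, added here as an example (it is not code from the question or the answer): one TCP connect attempt from the "from" side, classified as open, refused or filtered. The names `probe`, `HINTS` and `demo` and the 3 second timeout are assumptions; the demo uses a constructed loopback listener so it runs offline.

```python
import errno
import socket

# Map each probe outcome to the causes discussed in this thread.
HINTS = {
    "open": "something accepted the connection; confirm it is NXLog's im_tcp "
            "and not another service (on 3389 it is RDP)",
    "refused": "host reachable but nothing listens on that address/port; "
               "im_tcp may be bound to localhost only",
    "filtered": "no reply before the timeout; a security group or host "
                "firewall is probably dropping the packets",
}


def probe(host, port, timeout=3.0):
    """Attempt one TCP connect and classify the result."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"
    except ConnectionRefusedError:
        return "refused"
    except socket.timeout:
        return "filtered"
    except OSError as exc:
        # Unreachable network/host also means the SYN never got an answer.
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "filtered"
        raise
    finally:
        sock.close()


def demo():
    """Constructed local demo: a listener bound to loopback, then closed."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))       # port 0: the OS picks a free port
    listener.listen(1)
    port = listener.getsockname()[1]
    while_listening = probe("127.0.0.1", port)
    listener.close()
    after_close = probe("127.0.0.1", port)
    return while_listening, after_close


if __name__ == "__main__":
    for state in demo():
        print(state, "->", HINTS[state])
```

Run `probe()` from the sending machine against the receiver's public address and the port set in `om_tcp`. When opening the port in the security group, restrict the source to the sender's address, since `Host 0.0.0.0` makes the listener accept connections on every interface.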