Highest Voted 'nxlog' Questions - Server Fault Stack Exchange

3

votes

2 answers

How to forward windows log using Nxlog to rsyslog server(linux)?

Im using nxlog version 3.0 on WinServ2012 R2 Standard, i can forward the event logs under Eventviewer --> windows logs --> application, system, security. But Im not able to forward other log that is on different log directory/levels for…

asked Nov 24 '17 at 07:02

sherpaurgen

608
3
10
26

3

votes

1 answer

Windows Forward Events Missing User Data and Description

I have Subscription Events set to forward windows server 2008's Terminal Services/LocalSessionManager/Operational logs to another window's server 2008's Forward Events section. The Subscription Event is set with a HeartbeatInterval value of 300 (and…

windows windows-server-2008 windows-event-log logstash nxlog

asked May 21 '14 at 18:01

user220643

49
1
4

2

votes

1 answer

How to include a server identifier in nxlog output and reference it in logstash

If I have nxlog running on multiple IIS servers (say web1, web2, web3, web4). How can I add an identifier to the nxlog output which is being sent to logstash. Then within logstash I want to create a custom index with the server identifier (ex…

logstash nxlog

asked Aug 14 '14 at 17:22

Todd Smith

200
3
8

2

votes

1 answer

Nxlog Multiline Input to 1 Syslog Message

I am using nxlog to tail a custom log file on one of my Windows servers. Each entry in the text file looks similar to this. =================================================================================================================== 1/14/2014…

syslog nxlog

asked Jun 03 '14 at 18:27

Eric

1,373
3
17
33

1

vote

1 answer

Logstash Filter Conditional Not Getting Applied

I've got nxlog on my Windows servers shipping logs to Logstash (JSON-formatted). I want to clone off the security events to a SIEM, so I added the logic to catch certain Windows Event IDs: Even though the "Windows Event Log" tag gets applied (via…

configuration logstash nxlog

asked Mar 07 '17 at 18:32

armani

420
9
26

1

vote

0 answers

NXlog cant writes/read to cache for "savePos"

I can't configure NXlog to send Windows Event Logon logs. the logs are created before NXlog starts, so NXlog needs to remember When was the last time that he grabbed the Event logs. The problem occurs when I try to use the "savePos" directive in my…

logging nxlog

asked Jul 13 '16 at 10:32

Camel-lot

11
2

1

vote

1 answer

NXLog TCP Module Not Working

I am trying to use NXLog to forward logs from a file on one computer to a file on another computer. I am new to NXLog but feel like I now have a good handle on it after consulting the documentation. Below is my configuration file for first the…

networking amazon-ec2 amazon-web-services logging nxlog

asked Jan 22 '16 at 03:03

frankgreco

139
1
10

1

vote

0 answers

ERROR string limit (1048576 bytes) reached

I got some issue while working with my night batch log. How push MULTIline log as one event? I got stuck with one logfile that is over 26000 lines… NxLog get stuck at some point - I don't really blame him- but how can I force him to work with those…

log-files nxlog

asked Dec 21 '15 at 14:52

Tr4sK

23
5

1

vote

1 answer

NxLog delete file after processing

I would like to delete the logfile once processing, what I did: Module xm_multiline Exec if $raw_event =~ /^\s*$/ drop(); HeaderLine /Debut du job/ Module im_file …

log-files nxlog

asked Dec 16 '15 at 17:02

Tr4sK

23
5

1

vote

2 answers

Passing JSON application log to remote LogStash via NXLog on Windows

I have been trying to pass logs from a windows application which are already formatted in JSON to logstash via NXlog. When I have NXLOG send the file to Logstash, I get blasted with errors in the logstash.log: :message=>"An error occurred. Closing…

logstash json nxlog elk

asked Apr 26 '15 at 00:45

Noobixide

126
1
13

1

vote

1 answer

How to use om_exec with nxlog on Windows

I am attempting to use nxlog to read and parse IIS logs on Windows Server 2008 r2. Because I have particular requirements for these logs, I would like to use om_exec to send the log entries to a custom tool, where I will do the required work and…

nxlog

asked Jan 14 '15 at 18:16

Mark

159
1
2
11

1

vote

1 answer

IIS logs to Logstash with nxlog

I'm trying to join the date+time fields from the IIS log into the EventTime field for logstash digestion. This is my nxlog.conf file: #drop comment lines, join the date+time fields into an EventTime field, convert to json Module …

iis logging logstash nxlog

asked Jul 22 '13 at 06:32

David Vasandani

246
3
13

1

vote

0 answers

Installing Graylog with Nxlog collector on a Windows DC: no service installed

I'm trying to install a NxLog collector on a Graylog client machine. The Graylog and associated infra (elastic and mongodb) is running just fine. The install client is a Windows Server 2019 DC ("secondary"/"agent"/"respondent"? the not master new…

domain-controller windows-server-2019 graylog nxlog

asked Jan 18 '22 at 19:55

Luiz Silveira

11
1

1

vote

1 answer

Will rsyslog recover from unavailable unix domain socket?

I am following the instructions for NXLog here: https://nxlog.co/documentation/nxlog-user-guide/linux-logs.html#linux_logs_forwarding_socket_example under 80.2 about forwarding syslog messages to NXLog. It specifically states to restart NXLog and…

rsyslog nxlog

asked Jan 05 '22 at 23:17

Appleoddity

3,290
2
10
27

0

votes

1 answer

NXLog TLS configuration

I am trying to send logs using nxlog installed on a windows server to graylog server using TLS. I have created a self signed certificate. My questions is, if I set AllowUntrusted value to True in nxlog configuration for om_ssl module, do I have to…

graylog nxlog

asked Nov 19 '18 at 09:28

Prashant Mothukuri

101
1

Questions tagged [nxlog]