I wanted to make sure if the following config would have nxlog send all event logs on a Windows Server (Domain Controller or otherwise) to a graylog instance.
## This is a sample configuration file. See the nxlog reference manual about the ## configuration options. It should be installed locally and is also available ## online at http://nxlog.org/docs/ ## Please set the ROOT to the folder your nxlog was installed into, ## otherwise it will not start. #define ROOT C:\Program Files\nxlog define ROOT C:\Program Files (x86)\nxlog Moduledir %ROOT%\modules CacheDir %ROOT%\data Pidfile %ROOT%\data\nxlog.pid SpoolDir %ROOT%\data LogFile %ROOT%\data\nxlog.log #<Extension _syslog> # Module xm_syslog #</Extension> <Extension gelf> Module xm_gelf </Extension> <Input in> Module im_msvistalog # For windows 2003 and earlier use the following: # Module im_mseventlog </Input> <Output out> Module om_udp Host 192.168.1.79 Port 12201 OutputType GELF # Exec to_syslog_snare(); </Output> <Route 1> Path in => out </Route> -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/723c5412-92bd-4d29-8d94-d5d53401e37e%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
