I´m setting up a central Windows event collector, with NXLog to forward to Graylog. With a completely default setup, adding only a UDP collector to forward Windows event logs, the events from all different sources end up with the NXLog server name, not the name of the server the event originated from. If I delete the following line from the generated NXLog config, it fixes the problem:
¨Exec $Hostname = hostname_fqdn();¨. How do I stop the Graylog collector from putting this into the NXLog config? Everytime the 'collector sidecar' service restarts, the config gets overwritten. Thanks in advance! -- You received this message because you are subscribed to the Google Groups "Graylog Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/graylog2/841960db-e211-4c8f-b3cc-b032eca50cc4%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
