my fixed nxlog.conf
----------
#define ROOT C:\Program Files\nxlog
define ROOT C:\Program Files (x86)\nxlog
Moduledir %ROOT%\modules
CacheDir %ROOT%\data
Pidfile %ROOT%\data\nxlog.pid
SpoolDir %ROOT%\data
LogFile c:\windows\temp\nxlog.log
<Extension syslog>
Module xm_syslog
</Extension>
<Input in>
Module im_msvistalog
Exec to_syslog_bsd();
# For windows 2003 and earlier use the following:
# Module im_mseventlog
</Input>
<Output out>
Module om_udp
Host 10.100.100.1
Port 514
</Output>
<Route 1>
Path in => out
</Route>
-----------------
now tcpdump shows such lines are emitted to port 514 host 10.100.100.1:
<14>Aug 21 01:43:44 winserver1 Microsoft-Windows-GroupPolicy[936]: Okresowe
przetwarzanie zasad dla użyytkownika winserver1\ostrowska zostało ukończone w czasie
0 s.
but FreeBSD syslog doesn't write them out.
in the same time it properly writes from other unix hosts eg.
<38>Aug 21 09:09:09 login: login from 10.100.101.110 on pts/0 as root
what is wrong? the only difference i see is a host name added with nxlog?
can this be a problem? can it be removed?------------------------------------------------------------------------------
Slashdot TV.
Video for Nerds. Stuff that matters.
http://tv.slashdot.org/
_______________________________________________
nxlog-ce-users mailing list
nxlog-ce-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nxlog-ce-users
