Exchange Login Tracking

ACR_RW · August 20, 2018, 2:00pm

I’ve deployed NxLog to my Exchange Servers and am able to get Graylog (via GELF UDP input) to ‘see’ the data from the server, however two things I cannot get working right.

Only one of my IIS logs seems to be coming through (W3SVC1, not W3SVC2) despite being in the same directory/permissions
Formatting / parsing is way, way off. I can’t find any marketplace items or other users who have parsed this before, which seems odd given how prevalent Graylog seems to be - has anyone run into this?

Any insight would be valued.

system · September 3, 2018, 2:16pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Stuck newbie can't search and display Graylog Central (peer support)	3	512	July 9, 2018
Nxlog file input Graylog Central (peer support) sidecar , nxlog , nodatanx	2	2491	April 12, 2018
No incoming data Graylog Central (peer support) sidecar , nxlog , nodatanx	8	3052	January 31, 2019
61 / 5000 Resultados de traducción I need help sending IIS events to graylog with NXLog Graylog Central (peer support) sidecar , nxlog , nodatanx , send-csv-logsnx	2	663	August 17, 2021
Graylog not receive information from windows Graylog Central (peer support) sidecar , nxlog , nodatanx	2	515	November 28, 2018

Exchange Login Tracking

Related Topics