Graylog not receive information from windows

klausneil · November 13, 2018, 9:56pm

Hi, i configure graylog on ubuntu server 18, all right but i install NXLOG on my Windows Server and configure the file nxlog.conf with this information

define ROOT C:\Program Files (x86)\nxlog

Moduledir %ROOT%\modules
CacheDir %ROOT%\data
Pidfile %ROOT%\data\nxlog.pid
SpoolDir %ROOT%\data
LogFile %ROOT%\data\nxlog.log

Module xm_gelf # Use 'im_mseventlog' for Windows XP and 2003 Module im_msvistalog Exec if ($EventID == 4202 or $EventID == 4208 or $EventID == 4302 or $EventID == 4304 or $EventID == 5004) drop();\ else{\ if ( $EventType == "INFO" ) $SyslogSeverityValue = 6;\ if ( $EventType == "WARNING" ) $SyslogSeverityValue = 4;\ if ( $EventType == "ERROR" ) $SyslogSeverityValue = 3;\ } Module om_udp Host 192.168.10.12 Port 12201 OutputType GELF

<Route 1>
Path in => out

But in my graylog i not see information of the server. Please help me.

jan · November 14, 2018, 7:00am

Please format your posting ( https://community.graylog.org/faq#format-markdown ) than it might happen that someone helps you.

Did you check if no Firewall prevents the messages coming in? Did you create a UDP GELF Input on Port 12201? Did you check if the Windows host can reach Graylog?

Topic		Replies	Views
NxLog configured but cannot see any logs on Greylog Graylog Central (peer support) sidecar , nxlog , winlogbeat , nodatanx	4	900	September 23, 2020
Some Windows event logs not showing in Graylog Graylog Central (peer support) sidecar , windows , nxlog , gelf	11	1491	January 18, 2023
Collecting Windows Logs with NXLOG Graylog Central (peer support) sidecar , nxlog , nodatanx	4	6826	April 16, 2019
Nxlog on windows 2012 not working Graylog Central (peer support) sidecar , nxlog , nodatanx	20	3138	November 18, 2021
Client on windows and linux Graylog Central (peer support) sidecar , nxlog , filebeat-linux , filebeat-windows , nodatanx	3	3293	July 2, 2018

Graylog not receive information from windows

Related topics