Hello,
I am trying to send Graylog with NXLog on the logs on Windows Server 2016.
I can send event log from Server 2012 with the same configuration but this doesn’t work on Server 2016.
It looks like an IN / OUT message, but the Dashboard does not reflect the log.
I used Graylog Collector-Sidecar but it does not work.
What can I do?
Thanks.
Provide all information and details you have so we can try to help.
Hi jochen,
Thank you for your help.
Here is my nxlog.conf file:
This file is running on Server 2012, I can see the logs in the Graylog interface:
The same configuration file does not work on Windows Server 2016.
In Windows Server 2016 nxlog.log there is only this:
2018-02-26 15:28:00 INFO nxlog-ce-2.9.1716 started
Anything else to help you?
Info: I’m writing the server IP address in Server_IP. I wrote this to hide the IP address.
Thanks.
Hello again,
I have found an alternative solution to this problem.
Send the logs as JSON, not as a GELF.
The NxLog config file should look like this:
Graylog Inputs should be like this:
Parse incoming logs through Graylog Extractors. 
Expression link:http://docs.graylog.org/en/2.4/pages/extractors.html#using-the-json-extractor
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.
