Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Configure Nxlog on IIS server

...

        C:\Program Files (x86)\nxlog\conf\nxlog.conf

4.Replace the entire configuration file by pasting the following Below – Note to replace the variable ({IP address of Seceon Server}) with the actual Seceon Server IP address:

define ROOT C:\Program Files (x86)\nxlog

Moduledir %ROOT%\modules
CacheDir %ROOT%\data
Pidfile %ROOT%\data\nxlog.pid
SpoolDir %ROOT%\data
LogFile %ROOT%\data\nxlog.log


<Extension syslog>
Module xm_syslog
</Extension>


<Input in_iis>
Module im_file
File "C:\\inetpub\\logs\\LogFiles\\W3SVC*W3SVC3\\u_ex*"
SavePos TRUE
ReadFromLast TRUE
Exec if $raw_event =~ /^#/ drop();
Exec $Message = $raw_event;
</Input>

<Output out_iis>
Module om_udp
Host CCE_IP_ADDRESS
Port 514
Exec $SyslogFacilityValue = 2;
Exec $SourceName = 'windows_iis_logs';
Exec to_syslog_bsd();
</Output>

...