Hi,

I am using nxlog to send data from both Windows XP and Windows 7 machines to a Unix machine using syslog-ng .

My nxlog.conf files are configured to send im_mseventlog data for the Windows XP boxes and im_msvistalog data for the Windows 7 boxes.

(See attached file: new nxlog.conf)

Therefore I get slightly different data for each machine. The examples on your website don't show me how to parse out all of the im_mseventlog or im_msvistalog data from the different columns in msg. Can you help me with getting the data?

My syslog-ng.conf looks like this. I was told that the eventlog data would have the columns that I included in my table, but I am unable to figure out how to pull that data out of the msg column using the provided macros. I have searched and searched, but have not found any examples.


(See attached file: syslog-ng.conf)

Thank you for your help.

Mary Anne Waddick
Raytheon Technical Services
Senior Software Engineer II
(317) 306-2691 (desk)