drewmiranda-gl
commented
1 year ago After cursory searching, i don't think NXlog even provide an x86 binary anymore.
Closed drewmiranda-gl closed 11 months ago
drewmiranda-gl
commented
1 year ago After cursory searching, i don't think NXlog even provide an x86 binary anymore.
drewmiranda-gl
commented
11 months ago
One of the default, out of box log collectors available in a fresh, clean install of Graylog (testing with 5.0.5) is nxlog (windows).
This collector defines an executable path of
C:\Program Files (x86)\nxlog\nxlog.exe. However, when downloading/installing NXLog, the default is the native x64 install, which uses pathC:\Program Files\nxlog\nxlog.exe.It also appears, and testing verifies this, that
C:\Program Files\nxlog\nxlog.exeis not a default defined entry for collector_binaries_accesslist.This will cause friction and frustration when attempting to use NXlog on windows with graylog.
Expected Behavior
Default, out of box collector for nxlog (windows) works with the default install path on x64 windows os without any further configuration.
Current Behavior
A lot of extra work is needed (creating a custom collector, updating the sidecar.yml config) to get nxlog x64 working with graylog.
Possible Solution
C:\Program Files\nxlog\nxlog.exe, or add another nxlog (windows) collector for x64 endpoint use.C:\Program Files\nxlog\nxlog.exeto the default collector_binaries_accesslistSteps to Reproduce (for bugs)
Context
This makes using nxlog considerably more difficult that it should be and forces the graylog admin to know the above info (which to be honest isn't very well documented). Fixing this will greatly simplify the use of nxlog as a collector.
Your Environment
Elasticsearch(OpenSearch) Version: 2.6.0Please let me know if there are any questions. Happy to discuss further.