Information: Forum is in read-only mode
For details and other support options see

Windows 2008 security log truncated

You need additional help with phplogcon, then write into this forum.

Moderator: alorbach

Google Ads

Windows 2008 security log truncated

Postby l.ferrara » Tue Mar 04, 2014 11:48 am

Hi All,

I am new on the product, so maybe I am missing something. I have installed Rsyslog 5.8.10 with LogAnalyzer on Centos 6.4 x64 bit. On some snare clients, I am not able to completly view security logs. Logs are truncated. This happens on Windows Server 2008.

See the attach.

Anyone can help?

Thank you.
loganalyzer truncated.png
loganalyzer truncated.png (14.55 KiB) Viewed 15422 times
Posts: 2
Joined: Wed Nov 13, 2013 10:54 pm

Urgent Question?

  • Pulling out your Hair?
  • Wasting Time and Money?
  • Deadline Approaching?

Re: Windows 2008 security log truncated

Postby alorbach » Wed Mar 05, 2014 10:03 am

Windows 2008 events often have a lot of control characters in their messages like linefeeds.
Remove those linefeeds before you send the Events to your RSyslog Server.

best regards,
Site Admin
Posts: 1627
Joined: Thu Feb 13, 2003 11:55 am

Google Ads

Return to Help

Who is online

Users browsing this forum: No registered users and 0 guests