Windows 2008 security log truncated

You need additional help with phplogcon, then write into this forum.

Google Ads


Windows 2008 security log truncated

Postby l.ferrara » Tue Mar 04, 2014 11:48 am

Hi All,

I am new on the product, so maybe I am missing something. I have installed Rsyslog 5.8.10 with LogAnalyzer on Centos 6.4 x64 bit. On some snare clients, I am not able to completly view security logs. Logs are truncated. This happens on Windows Server 2008.

See the attach.

Anyone can help?

Thank you.
Attachments
loganalyzer truncated.png
loganalyzer truncated.png (14.55 KiB) Viewed 15090 times
l.ferrara
New
 
Posts: 2
Joined: Wed Nov 13, 2013 10:54 pm

Urgent Question?

  • Pulling out your Hair?
  • Wasting Time and Money?
  • Deadline Approaching?

Re: Windows 2008 security log truncated

Postby alorbach » Wed Mar 05, 2014 10:03 am

Windows 2008 events often have a lot of control characters in their messages like linefeeds.
Remove those linefeeds before you send the Events to your RSyslog Server.

best regards,
Andre
alorbach
Site Admin
 
Posts: 1627
Joined: Thu Feb 13, 2003 11:55 am

Google Ads



Return to Help

Who is online

Users browsing this forum: No registered users and 0 guests

cron