• Support
  • Forums
  • Blogs

How would I configure nxlog to collect event 5139

marramarra

New Life Form
I am using nxlog to send logs from our Domain Controllers to AlienVault SIEM. I noticed that nxlog is sending logs from security under event viewer but it is not sending the event ID 5139 (it appear in the event viewer on the DC).

I checked patterndb.xml file and it seems that this event ID is not included. I added the even ID and restarted the service but it is still not sending it to the SIEM. Is there anything that I am missing in order for nxlog to start sending this event to the SIEM?

Share post:

Answers

Sign In or Register to comment.