Windows 8.1 and corrupted event log ? | nxlog.co

I had this issue, your input config needs <QueryList> lines adding, see my example below:

# Monitor Windows event logs
<Input eventlog>
# Uncomment for Windows Vista/2008 or later
Module im_msvistalog

Query       <QueryList>\
<Query Id=”0″>\
<Select Path=”Application”>*</Select>\
<Select Path=”System”>*</Select>\
<Select Path=”Security”>*</Select>\
<Select Path=”Setup”>*</Select>\
</Query>\
</QueryList>

# Uncomment for Windows 2000 or later
# Module im_mseventlog
</Input>

Source: Windows 8.1 and corrupted event log ? | nxlog.co

That worked for me on Windows 10.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s