jalogisch/nxlog.conf

## nxlog.conf
<Extension gelf>
    Module      xm_gelf
</Extension>

<Input in>
    # Use 'im_mseventlog' for Windows XP and 2003
    Module      im_msvistalog
   Exec if ($EventID == 4202 or $EventID == 4208 or $EventID == 4302 or $EventID == 4304 or $EventID == 5004) drop();\
   else{\
        if ( $EventType == "INFO" ) $SyslogSeverityValue = 6;\
        if ( $EventType == "WARNING" ) $SyslogSeverityValue = 4;\
        if ( $EventType == "ERROR" ) $SyslogSeverityValue = 3;\
    }
</Input>

<Output out>
    Module      om_udp
    Host         10.10.10.10
    Port        12345
    OutputType  GELF
</Output>

<Route 1>
    Path        in => out
</Route
	<Extension gelf>
	Module xm_gelf
	</Extension>

	<Input in>
	# Use 'im_mseventlog' for Windows XP and 2003
	Module im_msvistalog
	Exec if ($EventID == 4202 or $EventID == 4208 or $EventID == 4302 or $EventID == 4304 or $EventID == 5004) drop();\
	else{\
	if ( $EventType == "INFO" ) $SyslogSeverityValue = 6;\
	if ( $EventType == "WARNING" ) $SyslogSeverityValue = 4;\
	if ( $EventType == "ERROR" ) $SyslogSeverityValue = 3;\
	}
	</Input>

	<Output out>
	Module om_udp
	Host 10.10.10.10
	Port 12345
	OutputType GELF
	</Output>

	<Route 1>
	Path in => out
	</Route