Failed to disable log parsing using a template

Started by abkulakli, October 15, 2019, 05:52:26 PM


abkulakli

I wanted to disable log parsing on Windows nodes and removed log parser policies from agent config in template. However, I get all events until I manually delete db file in appdata folder. Is it a bug or am I missing something?

I am using ver 3.0

Filipp Sudanov

One possible thing is that currently templates are applied to nodes when the Agent Policies tab in management console is closed. While that tab stays open, changes are saved in server's DB but not applied. If this is not the reason, please describe step-by-step sequence of your actions.

abkulakli

Thanks for the reply. Here are the steps I've done

There is an auto-applied template applied to Windows server machines which has 4 log parser configs for Security event parsing. I wanted to test ForwardedEvents parsing, so decided to disable Security event parsing configs to see only Forwarded Events. Here are the couple of ways I tried.

1. Automatic Apply Rules: Both checkboxes are selected (apply and remove). Changed script to "return false;". Waited for the template to be removed. Still getting Security events.
2. Edited log parser configs in agent policies in the template to get no event. Forced deployment of agent policies. Still getting Security events.
3. Deleted log parser configs in agent policies in the template. Forced deployment of agent policies. Still getting Security events.
4. (The template has no log parsing configs now) For a node that I want to remove log parser config, stopped nxagent, deleted C:\Windows\System32\config\systemprofile\AppData\Local\nxagentd folder, started nxagent. Folder got created and I've achieved my goal. Not getting Security events.

Filipp Sudanov

We've managed to replicate similar behavior that could be related to what is happening on your system - when node is removed from template, the .xml does not get deleted from that node. You can follow resolution progress here: https://track.radensolutions.com/issue/NX-1704