I'm not sure WMI is the best way to go for polling events. Maybe if you're only polling for a few events - I haven't done this in a while, so maybe that's changed.
I think Snare has an open source agent that will forward events from Windows systems. That might be worth checking out. On Tuesday, April 15, 2014 12:23:51 PM UTC, Dmitri Stoljarov wrote: > > Hi Gill, > > Logstash has got wmi input plugin - > http://logstash.net/docs/1.4.0/inputs/wmi > > > On Tuesday, January 21, 2014 11:19:41 AM UTC+2, Gill Bates wrote: >> >> Hello y'all, >> >> is it possible to collect Windows eventlogs without an Agent/Client? >> >> I thought about a service, but there might be a more glorified way... >> >> ...like catching the logs by my graylog2 maschine? >> >> >> Thanks for any suggestion. >> > -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
