You can use the free version of nxlog if you install it as an agent on your windows systems. The commercial version can do remote collection.
It works pretty well and support the nested application logs (the new style logs who log topic-specific info like e.g. RDP sessions) Regards Ronny On 15 April 2014 20:39, Scipio <[email protected]> wrote: > I'm not sure WMI is the best way to go for polling events. Maybe if > you're only polling for a few events - I haven't done this in a while, so > maybe that's changed. > > I think Snare has an open source agent that will forward events from > Windows systems. That might be worth checking out. > > > On Tuesday, April 15, 2014 12:23:51 PM UTC, Dmitri Stoljarov wrote: >> >> Hi Gill, >> >> Logstash has got wmi input plugin - http://logstash.net/docs/1.4. >> 0/inputs/wmi >> >> >> On Tuesday, January 21, 2014 11:19:41 AM UTC+2, Gill Bates wrote: >>> >>> Hello y'all, >>> >>> is it possible to collect Windows eventlogs without an Agent/Client? >>> >>> I thought about a service, but there might be a more glorified way... >>> >>> ...like catching the logs by my graylog2 maschine? >>> >>> >>> Thanks for any suggestion. >>> >> -- > You received this message because you are subscribed to the Google Groups > "graylog2" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
