Hi, You can do that using Eventchannel. Eventchannel <https://docs.microsoft.com/en-us/windows/win32/wes/defining-channels> is maintained since Windows vista and can monitor the Application and Services logs along with the basic Windows logs. You can check the following link <https://documentation.wazuh.com/current/user-manual/capabilities/log-data-collection/how-to-collect-wlogs.html> for further information.
Hope it was helpful. Let me know if you need anything else. Regards, Yana. On Wednesday, June 12, 2019 at 7:25:54 PM UTC+2 [email protected] wrote: > It appears OSSEC is not logging warnings in windows logs. Is there some > place this gets turned on? > > ossec.conf is set to ingest windows app, system and security logs in the > ossec.conf file present on the end points. > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/ossec-list/6996bdd3-33ac-431b-a5c9-204279f70ba6n%40googlegroups.com.
