In the past I have used NxLog with success, but my most recent attempt with
their community edition has run into grief (some sort of memory error)
you should look at it, every product has problems at some point.
David Lang
On Thu, 27 Aug 2020, Peter Viskup via rsyslog wrote:
Date: Thu, 27 Aug 2020 08:29:16 +0200
From: Peter Viskup via rsyslog <[email protected]>
To: Rainer Gerhards <[email protected]>
Cc: Peter Viskup <[email protected]>,
rsyslog-users <[email protected]>
Subject: Re: [rsyslog] handling Windows Event Messages
Understand. It is one of our candidates.
Just discovered one of your latest posts regarding Windows Events
forwarding. :-)
https://rainer.gerhards.net/2019/10/rsyslog-integrating-windows-event-log-via-udp.html
Still interesting whether some other users have experience with other
software.
--
Peter
On Mon, Aug 24, 2020 at 4:47 PM Rainer Gerhards <[email protected]>
wrote:
For obvious reasons, I recommend the rsyslog Windows Agent ;-)
https://www.rsyslog.com/windows-agent/
Rainer
El lun., 24 ago. 2020 a las 16:17, Peter Viskup via rsyslog
(<[email protected]>) escribió:
>
> Does anyone have experience of handling WEC messages from Windows clients
> in (r)syslog infrastructure?
> The standard way is to install some Windows syslog agent which forwards
> Windows events to syslog infrastructure. What Windows syslog agent do you
> use?
>
> Might be interesting to see something like the imwec module.
>
https://docs.microsoft.com/en-us/windows/win32/wec/using-windows-event-collector
> The same way the syslog-ng PE implemented it.
>
https://support.oneidentity.com/technical-documents/syslog-ng-premium-edition/7.0.17/windows-event-collector-administration-guide/log
> They switch from developing Windows Syslog agent to WEC input module for
> syslog-ng server which I find the best way of handling this type of data
> flow.
>
> --
> Peter
> _______________________________________________
> rsyslog mailing list
> https://lists.adiscon.net/mailman/listinfo/rsyslog
> http://www.rsyslog.com/professional-services/
> What's up with rsyslog? Follow https://twitter.com/rgerhards
> NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad
of sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you
DON'T LIKE THAT.
_______________________________________________
rsyslog mailing list
https://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE
THAT.
_______________________________________________
rsyslog mailing list
https://lists.adiscon.net/mailman/listinfo/rsyslog
http://www.rsyslog.com/professional-services/
What's up with rsyslog? Follow https://twitter.com/rgerhards
NOTE WELL: This is a PUBLIC mailing list, posts are ARCHIVED by a myriad of
sites beyond our control. PLEASE UNSUBSCRIBE and DO NOT POST if you DON'T LIKE
THAT.
