[SASAG] Windows event logging -> syslog

Dr. Dave Blunt dblunt at groundworkopensource.com
Fri Oct 12 08:45:51 PDT 2007


We use Snare Agent for Windows pretty successfully to forward event
logs, and use syslog-ng as a replacement for the stock syslog in order
to reformat the incoming messages.  Earlier versions had some stability
issues.  There's another service we have tested - 'Nagios EventLog' -
although it is sending event log messages directly to the Nagios
monitoring tool using the NSCA 'protocol' over TCP.

-----Original Message-----
From: members-bounces at lists.sasag.org
[mailto:members-bounces at lists.sasag.org] On Behalf Of Ian Masterson
Sent: Friday, October 12, 2007 8:38 AM
To: members at lists.sasag.org
Subject: [SASAG] Windows event logging -> syslog

Someone asked last night about sending Windows event log entries to a
syslog server. Although I haven't done so myself, Tina Bird has pulled
together a bunch of log analysis-related information, including how to
handle Windows events using syslog:

http://www.loganalysis.org/sections/syslog/windows-to-syslog

-Ian