https://github.com/graylog2/graylog-guide-windows-eventlog
How to send Windows EventLogs into Graylog
- Host: GitHub
- URL: https://github.com/graylog2/graylog-guide-windows-eventlog
- Owner: Graylog2
- License: apache-2.0
- Created: 2015-11-30T13:13:09.000Z (over 10 years ago)
- Default Branch: master
- Last Pushed: 2019-03-28T17:06:01.000Z (about 7 years ago)
- Last Synced: 2025-07-20T16:27:46.616Z (11 months ago)
- Size: 5.86 KB
- Stars: 19
- Watchers: 10
- Forks: 6
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# This guide has been archived.
The information in this guide is very old and likely no longer applicable to current versions of Graylog.
Please take that into account when reading the following content.
## How to send Windows EventLogs into Graylog
Windows cannot forward EventLog data over the network to a central place like Graylog. You'll have to run an agent that can talk to Graylog. The good news is that there are two officially recommended agents:
### Graylog Sidecar
The [Graylog Collector Sidecar](https://github.com/Graylog2/collector-sidecar) is a supervisor process for third-party log collectors like NXLog or Beats. The Sidecar program fetches configurations from a Graylog server and renders them as a valid configuration file for the various log collectors. You can think of it as a centralized configuration management system for your log collectors.
Please [read the official documentation](http://docs.graylog.org/en/latest/pages/sidecar.html) to learn how to use the Graylog Collector Sidecar.
### NXLog
The [NXLog Community Edition](http://nxlog.org/products/nxlog-community-edition) is suitable for forwarding Windows EventLog to Graylog natively. Please refer to the official NXLog documentation for more information.
### Graylog Collector (deprecated)
The Graylog Collector is a lightweight Java application that allows you to forward data from log files to a Graylog cluster. The collector can read local log files and also Windows Events natively; it can then forward the log messages over the network using the [GELF](https://www.graylog.org/resources/gelf/) format.
Please [read the official documentation](http://docs.graylog.org/en/latest/pages/collector.html#graylog-collector) to learn how to use the Graylog Collector to forward Windows EventLog.