Forward Windows system Event logs to a Linux Syslog Server with no agent

windows linux syslog event-log parser

  • We have a SCOM 2012 server.

  • We have SNARE agents for PCI compliance, but now we want to save money by gathering all events for all Windows servers using its native features.

  • We also have a centralized Linux server running SYSLOG that will aggregate the logs to our log retention appliance (this is all for PCI purposes)

Thus, my question:

Can a windows server (SCOM 2012) forwards the events logs to a Linux syslog server? I assume this would occur by following a standard flat file format or something similar.

Thanks


Solution 1:

You need to use a Syslog agent, as Windows doesn't provide one.

...the Windows OS doesn’t include a syslog agent that is capable of sending syslog data to a syslog server. Without a syslog agent, not only can’t the Windows OS send syslog messages to a syslog server but it also can’t send syslog messages from any applications running in the Windows OS (like a web server or database).

Source

Both that source page, and Googling for "Windows Syslog Agent" provide many different Syslog agents you can try.

Related

Best way to remove all tabs from an Excel worksheet?
How can I span wallpapers over two monitors in Mac OS X?
M.2 is there and not there
Tomcat 7 manager app not prompt for login
how to make a scanned PDF text-selectable using ghostscript and gsview
How to bind an action if no dialog is open?
Python dont showing version
How to prove a Wronskian identity?
$a^m+k=b^n$ Finite or infinite solutions?
For what coinage systems does a greedy algorithm not work in providing change?
Why isn't $H^*(\mathbb{R}P^\infty,\mathbb{F}_2)\cong \mathbb{F}_2[[x]]$?
Group of isometries of $\mathbb{R}^n$