Today, we are going to explain how to forward Windows system event logs to a Linux syslog server using a syslog agent. In the last tutorial, we showed you How to Setup LogAnalyzer with Rsyslog.
Downloading and Installing Datagram Syslog Agent
Go to the official site of Datagram Syslog Agent, download the 64-bit version of the software, and extract the zip file to drive C.
– Run the SyslogAgentConfig tool and click Install under the Service Status section at the top.
– Enter the IP address of the syslog host and the listening port. In my case, the Log Insight syslog server’s IP address is 192.168.1.200 and the listening port is 514.
– Before clicking the Start button, you can select which types of event logs you want forwarded to your syslog server: System logs, Security logs, Application logs …
– For the purpose of demonstration, we are using a syslog server with LogAnalyzer. If you haven’t installed it yet, you can take a look at this tutorial: How to Setup LogAnalyzer with Rsyslog On CentOS 7 / RHEL 7.
Open this link http://Syslog_server_ip_address/loganalyzer and you should see the Windows event logs received from your syslog agent.
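If no Windows events show up in LogAnalyzer, a quick way to check the network path from the Windows host is to send one hand-built syslog message to the server. The PowerShell below is an added example, not part of Datagram Syslog Agent or the original tutorial. It assumes the server accepts syslog over UDP on the port entered in SyslogAgentConfig; the function names, tag and message text are hypothetical.

```powershell
# Added example: send one RFC 3164-style test message to the syslog server.
# Assumption: the server listens for syslog on UDP (port 514 in this tutorial).

function New-SyslogTestMessage {
    param(
        [ValidateRange(0, 23)][int]$Facility = 1,   # 1 = user-level messages
        [ValidateRange(0, 7)][int]$Severity = 6,    # 6 = informational
        [string]$Tag = 'syslog-path-test',          # constructed tag, easy to search for
        [string]$Text = 'Test message from Windows host (constructed sample)'
    )
    $inv = [cultureinfo]::InvariantCulture
    $now = Get-Date
    # PRI value = facility * 8 + severity (RFC 3164)
    $pri = $Facility * 8 + $Severity
    # RFC 3164 timestamp "Mmm dd hh:mm:ss", day of month padded with a space
    $ts = '{0} {1,2} {2}' -f $now.ToString('MMM', $inv), $now.Day, $now.ToString('HH:mm:ss', $inv)
    '<{0}>{1} {2} {3}: {4}' -f $pri, $ts, $env:COMPUTERNAME, $Tag, $Text
}

function Send-SyslogTestMessage {
    param(
        [Parameter(Mandatory)][string]$Server,
        [ValidateRange(1, 65535)][int]$Port = 514,
        [string]$Message = (New-SyslogTestMessage)
    )
    $bytes = [System.Text.Encoding]::ASCII.GetBytes($Message)
    $udp = New-Object System.Net.Sockets.UdpClient
    try {
        # UDP is fire-and-forget: BytesSent only shows the datagram left this host
        $sent = $udp.Send($bytes, $bytes.Length, $Server, $Port)
        [pscustomobject]@{ Server = $Server; Port = $Port; BytesSent = $sent; Message = $Message }
    }
    finally {
        $udp.Close()
    }
}

# IP address and port taken from the tutorial's configuration step
Send-SyslogTestMessage -Server '192.168.1.200' -Port 514
```

Search LogAnalyzer for the tag `syslog-path-test`: if the test message arrives but agent events do not, the problem is in the agent configuration rather than the network or the server. Syslog over UDP is unauthenticated plaintext, so restrict port 514 on the server to the Windows hosts that forward to it.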
We hope this tutorial was helpful. If you need more information or have any questions, just comment below and we will be glad to assist you!