Windows Event Log export to MySQL DB

Question

I have windows 2008 R2 server. Is there any way all events can be logged in my linux base mysql database ? or is there any way i can log specific event in mysql tables?

Answer 1

The Windows Event Log system does not support logging to a SQL database by default - it always will log into locally-accessible files, only the destination directory and the file name are configurable via registry values¹.

Server 2008 R2 and newer OS versions come with a Windows Event collector which can be configured to forward events to another Windows host, but cannot convert the data to be passed on into a database.

But of course, you are free to use any script - either rolled on your own or created by someone else - which might do exactly this: reading data from the event log and writing rows into a database. There are numerous examples on the net on how this might look like.

You also might consider using a complete log management solution designed to the very purpose of collecting, storing, analyzing and presenting the logs. The market is flooded with products - choose one that you think makes a good fit.

---

¹ Each event log facility reads from the key HKLM\SYSTEM\CurrentControlSet\Services\EventLog\<logname> and the value of File (REG_EXPAND_SZ) represents the

Answer 2

Ok I finally made an workaround to get my required information logged in local file as well as in remote linux mysql db too. I simply made two batch files that are triggered on specific event ID, and then do the task of logging into local file as well in mySQL DB too. It's not fancy, its not professional, but I am happy that its working for me and exactly in a way i needed. .I summarize it in post for future reference. Windows Event-Viewer Logging to MYSQL