NXLog and old Windows events

Question

It is possible to configure NXLog to send old Windows event so Syslog (ELK)?

So, if my machine is offline (any reason to lose network) I want to know what is happened in offline mode. Maybe someone attack my machine, or whatever, and I want to get all that log events in Syslog.

Any help?

score 1 · Answer 1 · answered Sep 17 '15 at 08:23

1

NXLog has flow-control, this will protect against message loss if the network goes down (unless you use UDP). There is also nxlog-processor for non-service mode.

answered Sep 17 '15 at 08:23

b0ti

2,319
1
18
18

Thanks for reply. Do you have example of nxlog conf file for that? – Kolesar Sep 17 '15 at 09:02

NXLog and old Windows events

1 Answers1