K K wrote:
On 8/7/07, Burns Andrew <aburns@snyderdrug.com> wrote:
Hi, I'm trying out Syslog-NG, and it's been working well with Linux, but I've been asked to start monitoring the eventlog of Windows 2000 Servers and Windows 2003 Servers. Is there a plugin or can Syslog-NG read those eventlog entries natively if they are sent to the Syslog-NG server? Any suggestions or tips are appreciated.
You can use the commercial syslog-ng fork (if that's the appropriate term) which runs as a service on Windows. It should do everything that you'd expect from syslog-ng on *NIX/Linux (i.e. option to send logs over TCP).

Yes, it's commercial software, but I've found that IT managers in mixed environments are used to paying for the occasional piece of Windows software :) Esp. if it's useful software and/or helps the employer w/r/t regulatory compliance issues.

Shill disclaimer: For the record I have absolutely no monetary interest in you purchasing (or not purchasing) anything from any particular vendor!

-Matt Cuttler