[syslog-ng] Syslog-ng Windows Agent & WIN2008 Event Forwarding Subscription

Szilárd Szabó xilu87 at gmail.com
Sun Jan 23 09:08:35 CET 2011


I try it.
Negative :(


2011/1/22 Martin Holste <mcholste at gmail.com>:
>>     I am not sure that these programs can forward events coming from
>>     other windows forwarded by WinRM. (so these events are in
>>     ForwardedEvents store on the server, and syslog-ng agent forward
>>     these forwarded events to a syslog-ng).
>>
>>     Can you confirm that these programs can do it?
>>
>
> I have not tried EvtSys with subscriptions, but I know that by default
> it will forward all sources (Security, Application, etc.) including
> any custom or otherwise non-standard sources.  If ForwardedEvents is
> considered a source, it will be forwarded along with everything else.
> I should also point out that you can configure EvtSys to filter out
> messages in a granular way with some registry keys if you don't want
> everything.
> ______________________________________________________________________________
> Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
> Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
> FAQ: http://www.campin.net/syslog-ng/faq.html
>
>



-- 
Üdvözlettel / Regards Szabó Szilárd
====================
http://szaboszilard.info

This message and any attachment(s) are intended only for the use of
the named recipient and may contain information that is privileged,
confidential or otherwise exempt from disclosure under applicable law.
If you are not the intended recipient, please notify the sender by
return e-mail and delete this message from your system. Do not
disclose the contents of this document to any other persons. Violation
of this notice may be unlawful. Please note that internet
communications are not secure and e-mails are susceptible to change.
Thank you for your cooperation


More information about the syslog-ng mailing list