This chapter describes how to install and configure the syslog-ng agent on Microsoft Windows hosts.
The syslog-ng agent for Windows is a log collector and forwarder application for the Microsoft Windows platform. It collects the log messages of the Windows-based host and forwards them to a syslog-ng server using regular or TLS-encrypted TCP connections.
The features and restrictions of the syslog-ng agent are summarized below:
Reads messages from eventlog groups and log files.
Transfers log messages using TCP.
Supports TLS encryption.
Authenticates the server using X.509 certificates. Mutual authentication is also supported.
The format of eventlog messages can be customized using macros.
The syslog-ng agent supports the following operating systems:
Microsoft Windows Server 2003
Microsoft Windows XP
Microsoft Windows 2000 Server
Microsoft Windows 2000
Microsoft Windows Vista
© 2007 BalaBit IT Security