HomeProducts › syslog-ng Premium Edition ›
syslog-ng Premium Edition

Agent for Microsoft Windows platforms

Take the Next Step

See the cost benefits of syslog-ng PE usage over syslog-ng OSE

The syslog-ng Agent for Windows is an event log collector and forwarder application for Microsoft Windows platforms. It collects the log messages from event log groups and log files and forwards them to a syslog-ng server using regular or TLS-encrypted TCP connections, integrating your Windows hosts into your general log management infrastructure. The syslog-ng Agent can be managed from a domain controller using group policies, or run as a standalone application.

Main features

  • Reads messages from event log groups and log files.
  • Transfers log messages using TCP.
  • Supports TLS encryption.
  • Authenticates the server using X.509 certificates. Mutual authentication is also supported.
  • The format of event log messages can be customized using macros.
  • Supports multiple destinations both in parallel and fail-over modes.
  • Can be managed from a domain controller using group policies.
  • Unique message IDs.

Collection

  • Collecting event log messages.
  • Collecting from log files, even if the logging application rotates the log files into separate subfolders.
  • Filtering messages based on different message parameters (for example event ID, event type, source, message content, and so on).
  • Supporting both blacklist and whitelist filtering.
  • Supporting multi-line messages.
  • Forwarding messages to a syslog server or relay.

Transport

  • Forwarding messages to the syslog server using TCP, TLS, SSL protocols.
  • Supporting mutual authentication (when using TLS, the server can authenticate syslog-ng Agent and vice versa).
  • Supporting syslog RFC (RFC3164; RFC 5424-5428).
  • Supporting SNARE message format.
  • Sending messages to a backup server if the primary logserver becomes unavailable (client side failover).
  • The syslog-ng Agent for Windows application does not support the unreliable UDP protocol.

Processing/Storage

The syslog-ng Agent for Windows configures the message format, and is able to cooperate with message processing and storing applications, such as:

  • The syslog-ng Premium Edition on UNIX servers.
  • The syslog-ng Store Box.
  • Cooperates with any other log management software.

The syslog-ng Agent for Windows only forwards event log messages but does not function as a syslog server.

Supported operating systems

  • Microsoft Windows 2000
  • Microsoft Windows XP
  • Microsoft Windows Server 2003
  • Microsoft Windows Vista
  • Microsoft Windows Server 2008
  • Microsoft Windows 7
Download your free trial now

The syslog-ng Agent for Windows also offers full support for 64-bit operating systems.

The syslog-ng Agent for Windows is available only in syslog-ng Premium Edition.