Windows Log Management

The syslog-ng Premium Edition version 6 LTS offers complete support for Windows platforms. You can install the syslog-ng Premium Edition application on Windows operating systems as a client or central logserver.

Request your free trial

Advanced Client

In complex log management deployments, syslog-ng can perform advanced filtering, parsing, re-writing and classification on the client hosts or relays deployed at local sites. That way you can reduce the complexity and amount of data being transferred to the central logserver. When log sources, like webservers, generate logs containing sensitive data, such as login credentials, syslog-ng can anonymize the data at its source, rather than transferring it to a central logserver. This helps protect sensitive data, and also to comply with the PCI-DSS requirements.

Secure Central Logserver

Even in IT environments where Windows servers are exclusively deployed, network devices, security devices, and applications generate a variety of log messages which cannot be easily managed with standard Windows tools, such as the Windows Event Viewer. The syslog-ng Premium Edition can receive log messages coming from a wide variety of sources, including Windows servers, network devices and applications. With syslog-ng you can manage all the logs in your IT environment without having separate “data silos” for different kinds of log data. To protect sensitive log data, syslog-ng Premium Edition can store log messages securely in encrypted, compressed, indexed, and timestamped binary files, so any sensitive data is available only for authorized personnel who have the appropriate encryption key.

Lightweight Windows Agent

For log management deployments requiring a lightweight agent with a Graphical User Interface, the syslog-ng Agent for Windows is still available and includes new features such as RLTP™ support, flow control and wildcards in Event Source names. It can collect log messages from event log groups and log files and forward them to a syslog-ng server using regular or TLS-encrypted TCP connections, integrating your Windows hosts into your general log management infrastructure. The syslog-ng Agent can be managed from a domain controller using group policies, or run as a standalone application.


Featuresyslog-ng Agent for Windowssyslog-ng Premium Edition
Configuration Interface GUI or XML-based configuration file Flexible, text-based configuration file
Filtering Basic/Pre-defined Advanced/Customized
Classification Source based Source & Content Based
Re-write No Yes
Client-side disk buffering No Yes
TLS support Yes Yes
RLTP™ support Yes Yes
On the wire compression Yes Yes

Supported operating systems

  • Microsoft Windows Vista, 7, 8, 8.1, 10, Server 2003, 2008, 2012, 2016
  • 32 and 64-bit processor support

Request pricing or technical information

  • Need pricing information or supporting materials?
  • Interested in a product webinar or engineering consultation?

Tell us a bit more about you and let us know how we can help.

"Syslog-ng leads the pack with its features and performance, but that alone does not make it ready for the Enterprise. The fast response and in depth knowledge of the Balabit support team make syslog-ng an easy choice."
Evan Rempel senior system administrator

Not ready to talk to an expert yet?