Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Remote windows event log to linux splunk server

topscms
Engager
‎07-14-2010 07:57 PM

I require to monitor windows event logs on my linux splunk server. I realize that i will likely have to convert the windows event logs to syslog-type logging -- does splunk recommend a software package to do this?

I'd like to do whatever splunk recommends works best with their system.

Tags (1)
Reply

Looke0815
New Member
‎08-23-2011 12:33 PM

You could use eventlog-to-syslog: http://code.google.com/p/eventlog-to-syslog

0 Karma
Reply

Genti
Splunk Employee
Splunk Employee
‎07-14-2010 08:09 PM

i think the best thing will be installing splunk as a forwarder on the windows box that you are trying to monitor. Set the unix box as a receiver to accept connections from the windows forwarder. This way you can install the windows app in both forwarder and receiver and be able to do a whole lot more..

Reply
.conf21 Now Fully Virtual!
Register for FREE Today!

We've made .conf21 totally virtual and totally FREE! Our completely online experience will run from 10/19 through 10/20 with some additional events, too!

Get Updates on the Splunk Community!