Splunk AppDynamics

Is there a way to ingest Windows Event Logs into Log Analytics?

Wade_Morris
New Member

Hi,

Does anyone know if there is a way to ingest Windows Event Logs into Log Analytics?


Morelz
Builder

Hi Wade

As you now know, there is no OOB solution to ingest Windows event logs into Analytics.

A quick way to do this is as follows. I am assuming you want to use the Log Analytics licensing, not the Custom Analytics Schema.

1. Use Elastic's winlogbeat solution to process the event logs into a file output.

2. Then use the default log analytics function of AppD to ingest the event logs into Log Analytics using the machine agents.

Depending on the scale of your requirement, you can do either of the following to simplify the layout.

1. Use built-in Windows functionality to forward all events to a centralized server, and install one instance of winlogbeat to process the data into AppD.

2. Install winlogbeat on multiple Windows servers to process each separately.

Ciao 
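The first step of the reply above (winlogbeat writing events to a file that the machine agent's log analytics then reads), sketched as a `winlogbeat.yml`. This is an added example, not part of the original post; the output path, file name, channel selection, event IDs and rotation values are assumptions to adapt.

```yaml
# winlogbeat.yml (added example; paths and selections are assumptions)

winlogbeat.event_logs:
  # Security channel: limited here to logon success, logon failure and logoff
  # to keep volume down. Widen the list to match your detection needs.
  - name: Security
    event_id: 4624, 4625, 4634
    ignore_older: 72h        # skip backlog older than 3 days on first run

  # System and Application channels: only warnings and worse.
  - name: System
    level: critical, error, warning
    ignore_older: 72h

  - name: Application
    level: critical, error, warning
    ignore_older: 72h

# Write events to local files instead of Elasticsearch or Logstash.
# With the default codec, each event is one JSON document per line.
# Only one output may be enabled, so leave any other output.* section
# commented out.
output.file:
  path: "C:/ProgramData/winlogbeat/out"   # assumed directory
  filename: winlogbeat
  rotate_every_kb: 10240                  # rotate at about 10 MB
  number_of_files: 7                      # keep at most 7 rotated files
```

The machine agent's log analytics source is then pointed at the output directory. On a centralized collector that receives forwarded events, add a `- name: ForwardedEvents` entry so the forwarded channel is read as well.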

Steven_Colliton
Explorer

This was the answer I got from support after I asked the same question.

Log analytics doesn't support monitoring for Windows Event Viewer logs; however, you can use our Windows event log extension monitor to get it monitored.

https://www.appdynamics.com/community/exchange/windows-event-log-monitor/

If you need this to be supported via log analytics, you can raise an ER by following the below process

==========

We have evaluated and determined that your request is best suited for our Community Idea Exchange. Please sign in to the Community and go to the “Idea Exchange” section to resubmit your feature/enhancement request.

The Idea Exchange is where customers are able to directly submit, vote, and discuss feature requests and product ideas to affect product changes. You can check in on submitted ideas and see status updates at any time. To learn more about what to expect and how to present your ideas, see Idea Submission Guidelines.

Going forward, please do not submit feature requests via support tickets. We understand how important it is to constantly be innovating and we need your ideas and engagement to affect change, the best way forward is the Idea Exchange.

^ Note by @Ryan.Paredez - the idea exchange is only accessible by AppD Customers and is not accessible for trial and lite users. 

iamryan
Community Manager

Hello,

I searched in the Idea Exchange for a post that was related to this topic but did not find one.

@Steven.Colliton or @Wade.Morris, if one of you has the time to create this post, Steven's reply has all the details about accessing the Idea Exchange as well as the guidelines.

If one of you does create the post, please share the link back here as a reply so others can vote and comment on it.
