
I never got nxlog to work right for me. I tried to ship logs but ended up using logstash <http://logstash.net/> for *nix servers and Cisco devices. I ship logs to Graylog2 <http://graylog2.org> but it should work with anything. Kibana <http://kibana.org/> may be easier to set up though.
http://logstash.net/docs/1.2.0/inputs/eventlog
Regards
-- Oscar Gatamah
On Thu, Sep 5, 2013 at 1:14 PM, Odhiambo Washington <odhiambo@gmail.com> wrote:
Hi GG,
Disclaimer: I have not tried any of this, though I like the idea.
As suggestions, I have seen these applications:
http://sourceforge.net/projects/el2sl/
http://www.saeedpazoki.com/how-to-send-windows-events-to-syslog-server/
http://code.google.com/p/eventlog-to-syslog/
These tutorials:
http://troy.jdmz.net/syslogwin/
http://help.papertrailapp.com/kb/configuration/configuring-remote-syslog-fro...
http://www.rsyslog.com/forward-windows-eventlogs-with-rsyslog-windows-agent/
- which I am sure you are already familiar with...
- and think that with Wireshark (on the Windows PCs) and tcpdump (on the Linux), you should be able to see what is going on.
On 5 September 2013 09:47, geoffrey gitagia <ggitagia@gmail.com> wrote:
Hi All, once again my adventures in open source have led me back here, so here is my issue.
I have set up Observium (on Ubuntu) to monitor my servers, which it's doing a heck of a job at. I have everything running (80%) but now I want to be getting event logs. I set up rsyslog and it's up and running, listening to port 154 on UDP (still trying to get TCP), but my main issue is that I can't get any of the Windows event log to syslog converters working. I am on nxlog and snare <http://www.intersectalliance.com/projects/SnareWindows/> (not sure if they are checking UDP but my configs are set to UDP), so my question is: how do I check on where the problem is and, if possible, how to fix it.
-- GG
_______________________________________________ skunkworks mailing list skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Best regards, Odhiambo WASHINGTON, Nairobi,KE +254733744121/+254722743223 "I can't hear you -- I'm using the scrambler."
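One way to approach the question in this thread of where the events are being lost, as an added example that is not from any of the posters: a Python check that sends one syslog-formatted UDP datagram to a listener and reports whether it arrived and whether its priority header parses. The host name, tag and message text are constructed, and the self-test uses a loopback ephemeral port rather than the port named in the thread.

```python
import socket

def build_syslog(facility, severity, host, tag, text):
    """BSD-syslog (RFC 3164) style line; PRI = facility * 8 + severity."""
    pri = facility * 8 + severity
    return f"<{pri}>Sep  5 13:14:00 {host} {tag}: {text}".encode()

def parse_pri(datagram):
    """Return (facility, severity), or None if the <PRI> header is missing or invalid."""
    if not datagram.startswith(b"<"):
        return None
    end = datagram.find(b">", 1, 5)          # PRI is at most three digits
    if end == -1 or not datagram[1:end].isdigit():
        return None
    pri = int(datagram[1:end])
    return divmod(pri, 8) if pri <= 191 else None

def open_listener(addr="127.0.0.1", port=0, timeout=2.0):
    """Bind a UDP socket; port 0 lets the OS pick a free port."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.settimeout(timeout)
    sock.bind((addr, port))
    return sock

def probe(listener, dest):
    """Send one test datagram to dest and report what the listener receives."""
    # Constructed sample values: facility 16 (local0), severity 6 (info).
    msg = build_syslog(16, 6, "winhost01", "probe", "test event")
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sender:
        sender.sendto(msg, dest)
    try:
        data, peer = listener.recvfrom(2048)
    except socket.timeout:
        # Nothing arrived: look at routing, firewalls or the port number.
        return {"received": False, "pri": None}
    # Arrived: a None "pri" means the sender is not emitting syslog framing.
    return {"received": True, "from": peer[0], "pri": parse_pri(data)}

def self_test():
    """Loopback run: listener and sender on the same machine."""
    with open_listener() as listener:
        return probe(listener, listener.getsockname())

if __name__ == "__main__":
    print(self_test())
```

Running the listener half on the collector (with the syslog daemon stopped on that port) and the sender half from another machine separates a network or firewall problem from an agent configuration problem.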