Windows Event Monitoring through Syslog

There seem to be a number of fancy ways to get Windows machines to send their Events to a syslog server, but for downright simplicity, I chose evtsys from the Purdue Engineering Computer Network. To make it even easier, I added a silent installer on top of it using NSIS so we could deploy through our systems management tools.

This version sends logs to the host loghost, so if that name is not defined on your network, you could mess up your network, or at least the local host and its segment. You can easily modify the installer script to send to a different IP address or hostname: at the top of the script is a LOGHOST variable; just change its value to whatever is appropriate for your own network, then recompile using NSIS.

Files:

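As an added illustration (not the author's installer script, which is not reproduced here), the following NSIS script shows the shape of such a silent installer: a LOGHOST define at the top, the evtsys files copied into System32, and the service registered with the host name. It assumes evtsys.exe and evtsys.dll from the evtsys distribution sit beside the .nsi at compile time, and that LOGHOST resolves on your network before you deploy it.

```nsis
; Added example installer script (not the page author's script).
; Installs evtsys as a Windows service that forwards the Event Log to the
; syslog collector named in LOGHOST. Change LOGHOST and recompile with makensis.
!include "LogicLib.nsh"

!define LOGHOST "loghost"        ; hostname or IP of your syslog collector (assumption: resolvable)
!define EVTSYS_DIR "$SYSDIR"     ; evtsys.exe and evtsys.dll are installed into System32

Name "evtsys"
OutFile "evtsys-setup.exe"
SilentInstall silent             ; no UI, so it can be pushed by a systems management tool
RequestExecutionLevel admin      ; registering a service requires administrator rights

Section "Install"
  SetOutPath "${EVTSYS_DIR}"
  File "evtsys.exe"              ; assumed to be next to this .nsi when compiled
  File "evtsys.dll"

  ; -i installs the evtsys service; -h sets the syslog host it forwards to
  ExecWait '"${EVTSYS_DIR}\evtsys.exe" -i -h ${LOGHOST}' $0

  ; $0 receives the exit code; fail the installer rather than leave a half-installed service
  ${If} $0 != 0
    Abort "evtsys -i failed with exit code $0"
  ${EndIf}
SectionEnd

Section "Uninstall"
  ; -u removes the service; the binaries are then deleted
  ExecWait '"${EVTSYS_DIR}\evtsys.exe" -u'
  Delete "${EVTSYS_DIR}\evtsys.exe"
  Delete "${EVTSYS_DIR}\evtsys.dll"
SectionEnd
```

After deploying, confirm on the collector that events from a test host are actually arriving before rolling out widely, since a mistyped LOGHOST silently sends every machine's Event Log to whatever that name resolves to.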