Collect windows event logs agentless


Silvan Voser

Nov 1, 2014, 10:24:06 AM
to flu...@googlegroups.com
Hello,

I would like to collect event logs from Windows machines with fluentd.
I found a tutorial here on how this works with nxlog installed on the Windows machine:
http://docs.fluentd.org/articles/windows

My question is:
Is it possible to collect event logs from Windows with fluentd without installing an agent?
For example, collecting event logs from Windows via WMI?
Is anyone running fluentd and collecting event logs from Windows without an agent?

Thanks,
Silvan

Kiyoto Tamura

Nov 1, 2014, 1:02:30 PM
to flu...@googlegroups.com
Hi Silvan,

I am the author of the linked article. There are a couple of ways to go about this:

1. Write/find an nxlog plugin that can fetch WMI results. I do not know enough about nxlog to tell you how easy/hard this is.
2. As you might know, there is an experimental Windows branch for Fluentd: https://github.com/fluent/fluentd/tree/windows . Please note that this branch is experimental, although I have seen 3rd-party tutorials/blogs that use the Windows branch. You can write a WMI input plugin following this plugin development guideline: http://docs.fluentd.org/articles/plugin-development
3. If you are a golang aficionado, you might want to check out Ik: https://github.com/moriyoshi/ik

Alternatively, we (as in my employer and a primary sponsor, Treasure Data) are close to releasing a lightweight forwarder in Golang that runs on Windows. It won't have a nice pluggable architecture in the beginning, though.

Hope this helps,

Kiyoto




--
Check out Fluentd, the open source data collector to unify log management.
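An added example of the WMI polling route Kiyoto's option 2 points at (this is not code from the thread or from the Fluentd project): a small Ruby script that queries Win32_NTLogEvent on a remote host over WMI, with nothing installed on that host, and posts each event to a Fluentd in_http input. It assumes it runs on a Windows machine with Ruby's win32ole, an account with remote WMI rights on the target, and an in_http input listening at the assumed FLUENTD_URL; the RecordNumber cursor keeps each poll incremental.

```ruby
# Added example, not code from this thread or the Fluentd project. Polls a
# remote host's event log over WMI (nothing installed on the target) and posts
# each event to a Fluentd in_http input. Assumes a Windows machine with Ruby's
# win32ole, an account with remote WMI rights, and Fluentd at FLUENTD_URL.
require 'json'
require 'net/http'
require 'time'
require 'uri'
FLUENTD_URL = 'http://localhost:9880/windows.eventlog' # assumed in_http endpoint and tag

# WQL for events newer than the last RecordNumber seen (0 = everything).
def build_query(logfile, last_record)
  "SELECT * FROM Win32_NTLogEvent WHERE Logfile='#{logfile}' AND RecordNumber > #{Integer(last_record)}"
end

# WMI CIM_DATETIME "yyyymmddHHMMSS.ffffff+UUU"; UUU is the UTC offset in minutes.
def wmi_time_to_time(s)
  m = s.match(/\A(\d{4})(\d{2})(\d{2})(\d{2})(\d{2})(\d{2})\.\d{6}([+-]\d{3})\z/)
  raise ArgumentError, "bad WMI datetime: #{s}" unless m
  y, mo, d, h, mi, sec, off = m.captures.map(&:to_i)
  Time.new(y, mo, d, h, mi, sec, off * 60).utc
end

# Flatten a Win32_NTLogEvent object into a JSON-friendly Fluentd record.
def event_to_record(evt)
  { 'time' => wmi_time_to_time(evt.TimeGenerated).iso8601, 'record' => evt.RecordNumber,
    'logfile' => evt.Logfile, 'event_id' => evt.EventCode, 'source' => evt.SourceName,
    'type' => evt.Type, 'host' => evt.ComputerName, 'message' => evt.Message.to_s.strip }
end

# Highest RecordNumber seen so far, so the next poll only fetches new events.
def next_cursor(records, last_record)
  records.map { |r| r['record'] }.push(last_record).max
end

# Windows-only part: win32ole is required here so the helpers above run anywhere.
def poll_once(host, logfile, last_record)
  require 'win32ole'
  wmi = WIN32OLE.connect("winmgmts://#{host}/root/cimv2")
  wmi.ExecQuery(build_query(logfile, last_record)).map { |e| event_to_record(e) }
end

# in_http accepts one record per POST as a "json=" form field.
def post_to_fluentd(records)
  uri = URI(FLUENTD_URL)
  records.each { |r| Net::HTTP.post_form(uri, 'json' => r.to_json) }
end
```

A polling loop is the usual driver: `batch = poll_once('dc01', 'Security', cursor); post_to_fluentd(batch); cursor = next_cursor(batch, cursor)` repeated on a timer, with the cursor persisted so a restart does not replay the whole log.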