Is it possible to ship window event viewer logs from syslog-ng server to ELK? Normally I would install winlogbeat on windows server and ship directly to logstash but for this scenario, I won't be able to install an agent on the windows server. So if there already is an agent in place on the windows server that will send to a syslog-ng server, how would I go about shipping those logs from the syslog server to logstash?
Logstash has a sysylog input. I'm not overly familiar with syslog-ng, but I imagine you can configure syslog-ng send syslog style messages to Logstash.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.