How to collect Windows logs on Graylog

Step 1. Download whoruevent

Visit https://asecurity.dev/windows-server-log-collector-who-is-use-my-system/whoruevent/ and download whoruevent.zip.

Step 2. Copy to the Windows server

Decompress the zip file, then copy the extracted files to the Windows server.

Step 3. Configure whoruevent

Set syslog_ip and the log types to collect in the eventlog section.

Step 4. Install whoruevent as a service

Install whoruevent as a service. When installed as a service, it runs even when no user is logged in, which makes it suitable for servers.

Step 5. Check log collection

Finally, check that the logs are being collected on Graylog.
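
If nothing shows up in Graylog, first confirm that the server can reach the syslog input at all. The PowerShell below is an added example, not part of whoruevent or the original page: it sends one uniquely tagged RFC 3164 test message over UDP. Assumptions: the Graylog input is a Syslog UDP input, and the address and port shown are constructed placeholders for the value you set as syslog_ip.

```powershell
# Added example. Placeholder values: replace with your own.
$SyslogIp   = '192.0.2.10'   # constructed placeholder: the address configured as syslog_ip
$SyslogPort = 514            # assumption: port of the Graylog Syslog UDP input

function New-SyslogTestMessage {
    param(
        [int]$Facility = 1,                  # 1 = user-level messages
        [int]$Severity = 6,                  # 6 = informational
        [string]$Tag   = 'graylog-path-test' # hypothetical tag, easy to search for
    )
    $inv = [cultureinfo]::InvariantCulture
    $now = Get-Date
    $pri = $Facility * 8 + $Severity
    # RFC 3164 timestamp is "Mmm dd hh:mm:ss" with a space-padded day of month
    $day   = $now.Day.ToString().PadLeft(2, ' ')
    $stamp = '{0} {1} {2}' -f $now.ToString('MMM', $inv), $day, $now.ToString('HH:mm:ss', $inv)
    # A fresh GUID makes this exact message easy to find in a Graylog search
    '<{0}>{1} {2} {3}: test message {4}' -f $pri, $stamp, $env:COMPUTERNAME, $Tag, [guid]::NewGuid()
}

function Send-SyslogTestMessage {
    param([string]$Server, [int]$Port, [string]$Message)
    $bytes = [System.Text.Encoding]::ASCII.GetBytes($Message)
    $udp   = New-Object System.Net.Sockets.UdpClient
    try {
        # UDP is fire-and-forget: a successful Send() does not prove delivery
        [void]$udp.Send($bytes, $bytes.Length, $Server, $Port)
    }
    finally {
        $udp.Close()
    }
}

$msg = New-SyslogTestMessage
Send-SyslogTestMessage -Server $SyslogIp -Port $SyslogPort -Message $msg
Write-Output "Sent: $msg"
Write-Output 'Search Graylog for the GUID above to confirm the message arrived.'
```

If the test message arrives but Windows events do not, the network path and the input are fine, so recheck the whoruevent configuration and that the service is running. If it does not arrive, check the input's port and protocol and any firewall between the server and Graylog.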
