Using NxLog with to_syslog_snare() for Windows Events
#1
jwilliams1010
Using NxLog with "EXEC to_syslog_snare();" to output Windows Events. What parser should be used by the Decoder? I thought maybe winevent_snare but maybe it is rhlinux.
Which parser should be used... or should I only care the windows event logs are parsed correctly?
#1
jwilliams1010
Using NxLog with "EXEC to_syslog_snare();" to output Windows Events. What parser should be used by the Decoder? I thought maybe winevent_snare but maybe it is rhlinux.
Which parser should be used... or should I only care the windows event logs are parsed correctly?
Hey,
Im not sure if I understand your correctly - what decoders are you asking about?
Best regards,
Raf
