Splunk Message parsing

MB_318874

Hello,

After looking on the community forum, I didn't really get the answer I was seeking.

I'm sending Windows logs to syslog and to Splunk.

I have some issues parsing the Message part, as you can see: https://cdn.discordapp.com/attachments/700242491227635714/766300884971159562/unknown.png

This is my conf: https://cdn.discordapp.com/attachments/700242491227635714/766301478897451048/unknown.png https://cdn.discordapp.com/attachments/700242491227635714/766301597541335060/unknown.png

Maybe this is not the right way to do it; I have to send in syslog because I'm sending it afterwards to Elasticsearch and Splunk.

Thank you for your help :)