Forwarding WEF / collector events onto another source. - Page 1

#1 DW_268040 3 years ago

Hi, we have windows event forwarding configured with a lot of subscripts and filtering already configured across a deployemnt of Windows servers.

I would like to use NXLOG EE to install on our two Windows event collectors to forward these events off to a SIEM. Looking at the documentation seems I need to setup a Linux server to act as the WEC for this purpose?

Permalink

#2 rafDeactivated Nxlog ✓ 3 years ago

#1 DW_268040

Hi, we have windows event forwarding configured with a lot of subscripts and filtering already configured across a deployemnt of Windows servers. I would like to use NXLOG EE to install on our two Windows event collectors to forward these events off to a SIEM. Looking at the documentation seems I need to setup a Linux server to act as the WEC for this purpose?

Hello,

One of the superpowers of NXLog Enterprise Edition is the ability to collect Windows logs not only using Windows machines, but you can do it also using Linux. Being that said, it's not a problem to use Windows machine for this purpose - the choice is you, and you have freedom in building your infrastructure.

If you want to test NXLog Enterprise Edition - you can request a free trial and our Presales Engineers will be happy to assist you with your testing.

Best regards,
Rafal