How to verify centralized logging is set up on a Windows server and/or endpoint
dhicks
My question here is:
If I want to scan an asset to verify that event logs are getting forwarded via NXLog configuration, where will I find the evidence on the device that is sending the logs to the NXLog collector? Will this be somewhere in the registry, or should I look somewhere else?
