Windows .evt files to graylog
mathieurv
Has anyone succeed in sending .evt file content to graylog ?
Actually, I found that:
- Using im_file module I can parse .evt file and send its content outside, but logs are bad formatted
- Using im_vistalog module I can't parse .evt files only the Windows Event log, but logs are well formatted
Any advice someone ?
Maybe it is possible to send the ouput of im_file to im_vistalog ?
Thanks,
--
Mathieu
