Windows Event Forwarder and NXLog
gh0stid
Hello,
first of all, sorry to bother you with a question that might be easy for you, but im a bit lost.
I would like to know if NXlog is compatible with WEF ?
Long story made short, I plan on using NXlog to output to my SIEM Security logs of Windows Domain Controller following this guide :
https://www.petri.com/configure-event-log-forwarding-windows-server-2012-r2
wich as you can see, is to configured windows event forwarding ( to reduce the number of nxlog installation on critical server )
Once that first part done, I would like to know what config I should set to be able to "fetch" all of the "Forwarded Event" on my "windows log collector" ?
Thank you !
