Hello,

first of all, sorry to bother you with a question that might be easy for you, but im a bit lost.

I would like to know if NXlog is compatible with WEF ?

Long story made short, I plan on using NXlog to output to my SIEM Security logs of Windows Domain Controller following this guide : 

https://www.petri.com/configure-event-log-forwarding-windows-server-2012-r2

wich as you can see, is to configured windows event forwarding ( to reduce the number of nxlog installation on critical server )

Once that first part done, I would like to know what config I should set to be able to "fetch" all of the "Forwarded Event" on my "windows log collector" ?

Thank you !