Send Windows application logs only by specific source name.


fg

Hi,

We are looking for a way to only send certain Windows application log types to Loggly, and could use some help in getting this set up.

Sample (sanitized) Windows application log:

Log Name:      Application
Source:        PlatformService
Date:          4/15/2015 5:59:58 PM
Event ID:      0
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:     XXXXXX.domain.com
Description:
AccountId: 6239745
Email: f3a61cd60de521d6d2c4598713b6e0600aae4e17
Client: PlatformService
EventType: Stats
LoginMethod: Setup

Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="PlatformService" />
    <EventID Qualifiers="0">0</EventID>
    <Level>4</Level>
    <Task>0</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2015-04-15T17:59:58.000000000Z" />
    <EventRecordID>XXXXXX</EventRecordID>
    <Channel>Application</Channel>
    <Computer>XXXXXX.domain.com</Computer>
    <Security />
  </System>
  <EventData>
    <Data>AccountId: 123456
Email: 123456
Client: Harmony Platform Service
EventType: Stats
LoginMethod: Setup
</Data>
  </EventData>
</Event>

We want to be able to search in Loggly using source:

source = "PlatformService"
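
The filter the post asks for, sketched as an added example (not part of the original post and not a Loggly or agent configuration): it parses Event XML in the format shown above, keeps only events whose `Provider Name` is on an allow-list, and splits the `Data` text into fields. The `ALLOWED_SOURCES` name, the output record layout and the second sample event are assumptions constructed for illustration.

```python
import json
import xml.etree.ElementTree as ET

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}
ALLOWED_SOURCES = {"PlatformService"}  # assumption: provider names to forward

# Constructed sample input: a trimmed copy of the event in the post, plus one
# event from a made-up provider that should be dropped.
SAMPLE_EVENTS = [
    """<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="PlatformService" />
    <EventID Qualifiers="0">0</EventID>
    <TimeCreated SystemTime="2015-04-15T17:59:58.000000000Z" />
    <Channel>Application</Channel>
  </System>
  <EventData>
    <Data>AccountId: 123456
EventType: Stats
LoginMethod: Setup
</Data>
  </EventData>
</Event>""",
    """<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System><Provider Name="OtherService" /><Channel>Application</Channel></System>
  <EventData><Data>noise</Data></EventData>
</Event>""",
]

def to_record(event_xml):
    """Return a dict for an allowed source, or None to drop the event."""
    system = ET.fromstring(event_xml).find("e:System", NS)
    provider = system.find("e:Provider", NS) if system is not None else None
    source = provider.get("Name") if provider is not None else None
    if source not in ALLOWED_SOURCES:
        return None
    time_el = system.find("e:TimeCreated", NS)
    record = {"source": source,
              "channel": system.findtext("e:Channel", default="", namespaces=NS),
              "time": time_el.get("SystemTime") if time_el is not None else None,
              "fields": {}}  # kept separate so event text cannot overwrite "source"
    data_iter = ET.fromstring(event_xml).iterfind("e:EventData/e:Data", NS)
    for data in data_iter:
        for line in (data.text or "").splitlines():
            key, sep, value = line.partition(":")
            if sep and key.strip():
                record["fields"][key.strip()] = value.strip()
    return record

def filter_events(events):
    return [r for r in map(to_record, events) if r is not None]

if __name__ == "__main__":
    for rec in filter_events(SAMPLE_EVENTS):
        print(json.dumps(rec))
```
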