Paul Nelson from Opsbot has written an excellent article titled Windows as a First-Class Centralized Logging Citizen discussing centralized logging using open source tools. Well worth the read!
Update: the article is no longer available.
Loggly offers cloud based storage and analytics services for log data. NXLog can be used to collect and send logs off to the Loggly service.
Below is a configuration that can be used for a start. Make sure to set the value of CUSTOMER_TOKEN properly. If you are unsure where to get this, see the article about the cusomer token in the Loggly support center.
The latest release of NXLog log management tools brings several bug fixes and enhancements such as better Snare compatibility and various regular expression modifiers.
The full changelog is listed below:
The detailed changes are as follows:
Service control manager could not properly shut down the service on windows2003 and possibly other windows versions. This could have resulted in unsaved positions and duplicated log collection on system restart.
Fixed a panic in nx_config_cache_write() during shutdown.
Fixed an assertion failure when pm_pattern was trying to set an invalid datetime field.
The installer adds 'eventlog' as a dependency for the nxlog service.
Some error conditions (e.g. The interface is unknown, Access is denied, Invalid parameter, etc) should be handled better now by im_mseventlog.
