Differences between nxlog and windows sysmon event log?

#1 incle 5 years ago

I want to send the window event log generated from the normal PC to the graylog.

My first plan was to install sysmon and send it to graylog, but I had difficulty with the transport part

So I got to know nxlog.

I need the Windows event log from sysmon, which is the Windows security log. Can I check this in nxlog?

Thank you for your guide.

And I want to know the difference between nxlog and sysmon log

Permalink

#2 Zhengshi Nxlog ✓ 5 years ago

#1 incle

I want to send the window event log generated from the normal PC to the graylog. My first plan was to install sysmon and send it to graylog, but I had difficulty with the transport part So I got to know nxlog. I need the Windows event log from sysmon, which is the Windows security log. Can I check this in nxlog? Thank you for your guide. And I want to know the difference between nxlog and sysmon log

I need the Windows event log from sysmon, which is the Windows security log. Can I check this in nxlog?

Of course! Please see the following section of the manual as it describes how to pull Sysmon events from the Windows EventLog.
On Windows Vista and higher, Sysmon’s events are stored in the Microsoft-Windows-Sysmon/Operational event log.
https://nxlog.co/documentation/nxlog-user-guide/sysmon.html