Question:
Can I collect event logs on Windows 2003?
Answer:
Due to system library limitations, Sumo Logic, unfortunately, cannot collect Windows Events from Windows 2003 servers and therefore does not support it. Our Windows event log sources are only supported for 2008 and later as per our KB article:
https://help.sumologic.com/Send_Data/Sources/01Sources_for_Installed_Collectors/Local_Windows_Event_Log_Source
In order to collect Windows events from Windows 2003 servers, you would need to look into a third-party utility such as Snare, which can read these events and can then forward them to a Syslog Source configured on a Local Collector on a supported OS. There is an open source version of the Snare agent which you can download from the following link.
https://sourceforge.net/projects/snare/
Please note that this is not supported by Sumo Logic Technical Support.
Help on the Sumo Logic Syslog Source can then be found through the following help.
https://service.sumologic.com/help/Default.htm#Collecting_from_Syslog.htm
Comments
0 comments
Please sign in to leave a comment.