Question:
Can I collect event logs on Windows 2003?
Answer:
Due to system library limitations, Sumo Logic, unfortunately, cannot collect Windows Events from Windows 2003 servers and therefore does not support it.Local Windows Events Sources can only be configured on systems running Windows Server 2012 and later as per below KB article:
https://help.sumologic.com/Send_Data/Sources/01Sources_for_Installed_Collectors/Local_Windows_Event_Log_Source
In order to collect Windows events from Windows 2003 servers, you would need to look into a third-party utility such as NXlog or Snare, which can read these events and can then forward them to a Syslog Source configured on a Local Collector on a supported OS.
Please note that these third party tools are not supported by Sumo Logic Technical Support.
Help on the Sumo Logic Syslog Source can then be found through the following help.
https://help.sumologic.com/03Send-Data/Sources/01Sources-for-Installed-Collectors/Syslog-Source
Comments
0 comments
Please sign in to leave a comment.