Use NXLog for sending Window Event Logs
To send Window Event Logs, please use our NXLog integration. Please see the docs here for more information on the installation.
Requirements
To install the agent through Chocolatey, you will need:
- Windows 7+/Windows 2003+ (Server Core also, but not Windows Nano Server)
- Windows PowerShell v3+ (not PowerShell Core aka PowerShell 6 yet)
- .NET Framework 4.x+
Setup
To enable logging on your Windows environment, install the agent through Chocolatey
- Install Chocolatey
@powershell -NoProfile -ExecutionPolicy Bypass -Command “iex ((new-object net.webclient).DownloadString(‘https://chocolatey.org/install.ps1’))” && SET PATH=%PATH%;%ALLUSERSPROFILE%\chocolatey\bin
-
Install the LogDNA agent for Windows
choco install logdna-agent -y -
Add your LogDNA ingestion key for the agent to work
logdna-agent -k <insert your LogDNA ingestion key> -
Start the LogDNA agent using nssm
nssm start logdna-agent
Configurations
Files and Directories
By default. the logs in this directory are ingested:
%ALLUSERSPROFILE%\logs
To add other directories, use
logdna-agent -d C:\path\to\log\folders
To add other files, use
logdna-agent -f C:\path\to\log\folders\my.log
Configuration File
By default a configuration file is automatically generated (e.g. when you enter the ingestion key in step 3 above) and placed in the following path:
C:\ProgramData\logdna\logdna.conf
To create your own config file, use the following command:
logdna-agent -c C:\path\to\config\file\path
Check the Readme on Github to learn more about what options are supported in the configuration file.
Here is a sample configuration file:
PS C:\Windows\system32> logdna-agent -l
C:\ProgramData\logdna\logdna.conf:
logdir = C:\ProgramData\logs
key = <your key>
You can view your configuration file at anytime with this command: logdna-agent -l
Tags
You can tag each agent instance with a tag to be viewed on the LogDNA app.
logdna-agent -t mytag
Updated 5 months ago