How to collect Windows logs in Graylog

Step 1. Download whoruevent

Visit https://asecurity.so/windows-server-log-collector-who-is-use-my-system/whoruevent/ and download whoruevent.zip.

 

Step 2. Copy it to the Windows server

Decompress the zip file, then copy the extracted files to the Windows server.

Step 3. Configure whoruevent

Configure syslog_ip and the log types to collect in the eventlog section.

Step 4. Install whoruevent as a service

Install it as a service. When installed as a service, it runs even if no one is logged in, which makes it suitable for servers.

Step 5. Check the collected logs

Finally, check in Graylog that the logs are being collected.
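
If nothing shows up in Graylog, the following added example (not part of whoruevent or the original post) sends one uniquely marked syslog test message from the Windows server to the address configured as syslog_ip, so you can tell a network or input problem apart from a collector problem. It assumes a Graylog Syslog UDP input on port 514; the IP address, port and tag are placeholders.

```powershell
# Added example: send one RFC 3164 syslog test line over UDP to Graylog.
# Assumptions (not from the original page): Graylog has a Syslog UDP input
# on port 514, and 192.0.2.10 stands in for your syslog_ip value.
param(
    [string]$SyslogIp = '192.0.2.10',   # placeholder: same address as syslog_ip
    [int]$Port = 514                    # assumed Syslog UDP input port
)

function New-SyslogLine {
    param([int]$Facility = 1, [int]$Severity = 6, [string]$Tag, [string]$Text)
    $pri = $Facility * 8 + $Severity    # PRI value: user.info = 14
    $inv = [cultureinfo]::InvariantCulture
    $now = Get-Date
    # RFC 3164 timestamp: "Mmm dd hh:mm:ss", day of month padded with a space
    $ts = '{0} {1,2} {2}' -f $now.ToString('MMM', $inv), $now.Day,
                             $now.ToString('HH:mm:ss', $inv)
    "<$pri>$ts $env:COMPUTERNAME ${Tag}: $Text"
}

# Unique marker so the message is easy to find in a Graylog search
$marker = 'graylog-path-test-' + [guid]::NewGuid().ToString('N').Substring(0, 8)
$line   = New-SyslogLine -Tag 'pathtest' -Text $marker
$bytes  = [System.Text.Encoding]::ASCII.GetBytes($line)

$udp = New-Object System.Net.Sockets.UdpClient
try {
    # UDP gives no delivery confirmation: a successful Send only means the
    # datagram left this host. Confirm arrival by searching in Graylog.
    $sent = $udp.Send($bytes, $bytes.Length, $SyslogIp, $Port)
    Write-Output "Sent $sent bytes to ${SyslogIp}:$Port"
    Write-Output "Search Graylog for: $marker"
} finally {
    $udp.Close()
}
```

If the marker appears in Graylog but Windows events do not, the network path and input are working and the place to look is the whoruevent configuration or service state.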
