您好,请知:
使用Nxlog将Windows日志以syslog形式发送至日志Syslog服务器
nxlog下载地址:/download/c1052981766/10299741
下载之后进行安装;
查看服务:
修改配置文件:C:\Program Files (x86)\nxlog\conf\nxlog.conf
## This is a sample configuration file. See the nxlog reference manual about the## configuration options. It should be installed locally and is also available## online at /nxlog-docs/en/nxlog-reference-manual.html## Please set the ROOT to the folder your nxlog was installed into,## otherwise it will not start.#define ROOT C:\Program Files\nxlogdefine ROOT C:\Program Files (x86)\nxlog Moduledir %ROOT%\modules CacheDir %ROOT%\data Pidfile %ROOT%\data\nxlog.pid SpoolDir %ROOT%\data LogFile %ROOT%\data\nxlog.log Module im_msvistalog# For windows and earlier use the following:# Module im_mseventlogReadFromLast TRUE SavePos FALSE Query \ \ *\ *\ \ Module om_udp Host 192.168.25.65 Port 514 Pathin =>out
服务端进行监听:
tcpdumpudpandsrcip-w25.221.cap
wireshark查看:
