Syslog Utilities

SysLog is based on UDP (usually port 514). SysLog is an "unreliable" protocol in the sense that neither the client nor the server will know (or care) if SysLog messages are dropped by the network.

Event Reporter

An eight-year-old commercial client called "Event Reporter" is available to perform filtering on event logs before sending them to a SysLog server.

Snare

A freeware client called Snare is available to perform filtering on event logs before sending.

WinAgents Event Log Translation Service

A commercial client called "WinAgents Event Log Translation Service" is available to perform some filtering on event logs before sending them to a SysLog server and/or an SNMP management console.

winlogd

A freeware utility called winlogd can be used to scoot all events from all event logs to a designated SysLog server.

D:\temp>winlogd -i 
Installation successful, say `net start winlogd` 

D:\temp>winlogd --show 
Server:   192.168.101.1 
Port:     514 
Facility: LOCAL3 
Monitor:  6000 
Flush:    6000 

D:\temp>net start winlogd 
The winlogd service is starting. 
The winlogd service was started successfully.

This program does not have a lot of options (Server, Port and Facility), but it is a quick and effective way to get MOVEit DMZ events and other interesting messages into a designated SysLog server.
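To confirm on the receiving side that events arrive tagged with the configured facility (LOCAL3 in the `--show` output above), the sketch below decodes the `<PRI>` header of each UDP datagram. It is an added example, not part of winlogd or MOVEit DMZ; it assumes the standard RFC 3164 priority encoding, and the sample datagrams and function names are constructed for illustration.

```python
import re
import socket

# Facility and severity names by numeric code (RFC 3164); LOCAL3 is code 19.
FACILITIES = ("KERN USER MAIL DAEMON AUTH SYSLOG LPR NEWS UUCP CRON AUTHPRIV FTP "
              "NTP AUDIT ALERT CLOCK LOCAL0 LOCAL1 LOCAL2 LOCAL3 LOCAL4 LOCAL5 "
              "LOCAL6 LOCAL7").split()
SEVERITIES = "EMERG ALERT CRIT ERR WARNING NOTICE INFO DEBUG".split()
PRI_RE = re.compile(rb"^<(\d{1,3})>")

def decode_pri(datagram):
    """Return (facility, severity, text), or None if the PRI header is invalid."""
    m = PRI_RE.match(datagram)
    if not m or int(m.group(1)) > 191:   # 23 * 8 + 7 is the largest valid PRI
        return None
    facility, severity = divmod(int(m.group(1)), 8)   # PRI = facility * 8 + severity
    text = datagram[m.end():].decode("utf-8", "replace")
    return FACILITIES[facility], SEVERITIES[severity], text

def tally(datagrams, expected="LOCAL3"):
    """Count datagrams carrying the expected facility, another one, or no valid PRI."""
    counts = {"expected": 0, "other": 0, "malformed": 0}
    for d in datagrams:
        decoded = decode_pri(d)
        if decoded is None:
            counts["malformed"] += 1
        elif decoded[0] == expected:
            counts["expected"] += 1
        else:
            counts["other"] += 1
    return counts

def listen(host="0.0.0.0", port=514):
    """Print each received datagram with its sender and decoded facility.severity."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.bind((host, port))          # ports below 1024 usually need admin rights
        while True:
            data, (src, _) = sock.recvfrom(8192)
            decoded = decode_pri(data)
            print(src, "%s.%s %s" % decoded if decoded else "MALFORMED %r" % data)

# Constructed sample datagrams (not captured winlogd output).
SAMPLES = [
    b"<158>Jan 12 10:15:02 HOST1 constructed test event",   # 19 * 8 + 6
    b"<155>Jan 12 10:15:03 HOST1 constructed test error",   # 19 * 8 + 3
    b"<14>Jan 12 10:15:04 HOST2 constructed other sender",  # 1 * 8 + 6
    b"no priority header",
    b"<999>out of range",
]

if __name__ == "__main__":
    print(tally(SAMPLES))
    # listen()  # uncomment on the SysLog server to watch live traffic
```

Because the transport is UDP, a count lower than the number of events written on the Windows side indicates dropped datagrams; nothing in the protocol reports the loss.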