Many network devices utilize the Syslog protocol for sending logging to centralized log management tools. But Windows utilizes a proprietary logging format in Application, Security, and System logs. How can we get these logs into Syslog?
Check out the NTsyslog project on Sourceforge. NTsyslog installs as a Windows service. Periodically, NTsyslog polls the Windows event logs. The service then re-formats the the event and sends it out over the Syslog protocol. Under the hood, NTsyslog is written in Microsoft C++ and leverages the Microsoft Foundation Class Library (MFC) to access the Win32 API. NTsyslog is available for free under the GPL license.
Posted by