Re: [syslog-ng] Syslog-ng Windows Agent & WIN2008 Event Forwarding Subscription

> I am not sure that these programs can forward events coming from
> other windows forwarded by WinRM. (so these events are in
> ForwardedEvents store on the server, and syslog-ng agent forward
> these forwarded events to a syslog-ng).
>
> Can you confirm that these programs can do it?
>

I have not tried EvtSys with subscriptions, but I know that by default
it will forward all sources (Security, Application, etc.) including
any custom or otherwise non-standard sources. If ForwardedEvents is
considered a source, it will be forwarded along with everything else.
I should also point out that you can configure EvtSys to filter out
messages in a granular way with some registry keys if you don't want
everything.
______________________________________________________________________________
Member info: https://lists.balabit.hu/mailman/listinfo/syslog-ng
Documentation: http://www.balabit.com/support/documentation/?product=syslog-ng
FAQ: http://www.campin.net/syslog-ng/faq.html

• This message: [ Message body ]
• Next message: Szilárd Szabó: "Re: [syslog-ng] Syslog-ng Windows Agent & WIN2008 Event Forwarding Subscription"
• Previous message: Bill Anderson: "Re: [syslog-ng] syslog-ng 3.1.3-2 - working examples of remote logging"
• In reply to: Zoltán Pallagi: "Re: [syslog-ng] Syslog-ng Windows Agent & WIN2008 Event Forwarding Subscription"
• Next in thread: Szilárd Szabó: "Re: [syslog-ng] Syslog-ng Windows Agent & WIN2008 Event Forwarding Subscription"
• Reply: Szilárd Szabó: "Re: [syslog-ng] Syslog-ng Windows Agent & WIN2008 Event Forwarding Subscription"

• Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]