I have a question about Graylog receiving Analytic (Verbose) logs from Windows Server Event Viewer.
Currently we're using NXLog Community Edition, nxlog-ce-2.10.2150.msi. We enabled logging for the Debug and Analytical channels, but these channels are based on ETW and cannot be collected as regular Windows Event Log channels via the im_msvistalog module in NXLog.
I also found out that the NXLog Enterprise version can collect logs from ETW with the im_etw module and send them to Graylog. Does anyone know how I could accomplish this without buying the Enterprise version?
CentOS 7 Latest Version
Any advice, ideas or direction would be appreciated.
Thank you in advance.