Ingest Windows eventlog: NXlog or Winlogbeat?

cdarsac · April 21, 2021, 9:05am

Hello the Forum !

For Ingesting Windows eventlog, I have trouble choosing between NXlog and Winlogbeat.

What do you advise me, knowing that I am looking for the simplest solution to implement?

Thank you in advance.

H2Cyber · April 21, 2021, 7:02pm

Winlogbeat, which is already wrapped inside Sidecar. Sidecar would give you central management from Graylog :

Get the latest Sidecar executable from : Releases · Graylog2/collector-sidecar · GitHub
Install the Sidecar on your Windows system (which includes Winlogbeat) : Graylog Sidecar — Graylog 4.0.0 documentation
Follow the step by step guide to configure it : Graylog Sidecar — Graylog 4.0.0 documentation
Enjoy

rfinney · April 23, 2021, 8:52pm

Winlogbeat. Easy to use and setup.

Topic		Replies	Views
How to Send Syslog Data From Windows Server 2016 Graylog Central (peer support) sidecar , nxlog , filebeat-windows , winlogbeat , nodatanx	9	11279	September 23, 2017
Small Network Deployment Graylog Central (peer support) sidecar , winlogbeat	10	1121	June 3, 2019
Sending Windows Logs to GrayLog Graylog Central (peer support) sidecar , winlogbeat	2	6832	July 21, 2021
Anyone Monitoring Windows Desktops? Graylog Central (peer support) sidecar , winlogbeat	3	1389	October 9, 2018
How to send logs from Windows Graylog Central (peer support) sidecar , filebeat-windows , winlogbeat	9	6350	November 16, 2017