Too much info on Windows Security logs

tcqbt · August 3, 2021, 1:43pm

Hi,

I’m currently collecting Security logs of a bunch of Active Directory. The problem is the log messages came with a quick documentation at the end of it on how read it. Is there a way to disable this documentation directly on Windows or does someone has an idea to deal with it on Graylog ?

This is an exemple of the problem with the log message of a 4624 event.

(The thing I’m talking about is inside the red rectangle)

gsmith · August 3, 2021, 10:30pm

Hello && Welcome

What are you using to send log to Graylog?
How is this log shipper configured?

system · August 17, 2021, 10:31pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Best Windows syslog agent for Active Directory env? Graylog Central (peer support)	1	981	May 20, 2018
Windows event security log Graylog Central (peer support)	1	828	January 10, 2019
Help with Windows Server logs Graylog Central (peer support)	3	1075	July 6, 2022
Minimizing the amount of log data Graylog Central (peer support) nxlog	6	924	October 5, 2022
Windows Event Log - Security Graylog Central (peer support)	3	2136	July 1, 2019

Too much info on Windows Security logs

Related topics