Windows Event Log
Configure Windows Event Log Source with BindPlane
Supported Versions
Windows Server versions
- 2019
- 2016
- 2012 R2
- 2012
Configuration
| Option | Description |
|---|---|
| System Events | Toggle check box to enable/disable collection of System Event logs. |
| Application Events | Toggle check box to enable/disable collection of Application Event logs. |
| Security Events | Toggle check box to enable/disable collection of Security Event logs. |
| Max Reads | Use this field to set the maximum number of records read into memory before beginning a new batch. The default is '100'. |
| Poll Interval | Use this field to set the interval at which the channel is checked for new log entries. This check begins after all new records have been read. The default is '1'. |
| Start At | Choose whether to start reading from the beginning or end of a file with "end" being the default. |
Log Types
| Types |
|---|
| windows_event.system |
| windows_event.application |
| windows_event.security |
| windows_event.custom |
Advanced
For more information on the advanced configuration capabilities, see our detailed plugin guide here.
Updated over 3 years ago