在过去使用
Windows Server 2003时,我能够使用evtsys(
https://engineering.purdue.edu/ECN/Resources/Documents/UNIX/evtsys)将事件日志发送到中央网络系统日志服务器.它没有提到对Server 2008的支持,但确实提到了发送Windows Vista日志的问题.
是否有任何好的服务/实用程序,甚至PowerShell脚本(最好是其中一个,因为这不会是连续的)可以将事件日志发送到中央系统日志服务器?
您可以使用
Snare for Windows,一个根据GNU公共许可证(GPL)条款发布的免费软件(免费软件).
Snare for Windows Vista is a Windows
2008 and Windows Vista compatible
service that interacts with the
underlying “Crimson” Eventlog
subsystem to facilitate remote,
real-time transfer of event log
information. Snare for Windows Vista
also support 64 bit versions of
Windows (X64 and IA64).Event logs from the Security,Application and System logs,as well as the new DNS,File Replication Service,and Active Directory logs are supported. The supported version of the agent also accommodates custom Windows event logs. Log data is converted to text format,and delivered to a remote Snare Server,or to a remote Syslog server with configurable and dynamic facility and priority settings.
