I am happy to introduce our latest free tool, Event Log Forwarder for Windows. If you own an Orion family product or Kiwi Syslog, you may already be familiar with this tool, as we previously offered this as a free add-on or application you had access to as a customer. Based on feedback from our customers and how much people love this tool we decided to make it free to all.
Many folks have dozens, if not hundreds of Windows Servers. Trying to monitor the Windows Event Logs for specific errors, warnings, etc. is a pain point to ensure the servers and apps on it are running well. Many folks may be running a Syslog server (like Orion SAM/NPM or Kiwi Syslog) for gathering Syslog messages from your network equipment as an example or have a log management solution (like Log & Event Manager) for centralizing and analyzing all of your logs. Event Log Forwarder for Windows helps these folks and is a lightweight app or agent you install on Windows machines which you care about looking for specific events.
A very basic example is failed login attempts to a Windows Server. Someone mistypes a password and you get one or two here and there, no biggie. However, if you see a spike and consistent pattern of failed login attempts, you are going to want to dig a bit deeper.
Simply define a subscription or what are the key events you care to know about and look for, as shown in the dialog below.
When we find a match, we take that Windows Event and wrap it up as a Syslog message and based on the defined Syslog Facility you define to categorize this event, we send it off to one or more defined Syslog servers. Depending on your environment we can send it as a standard UDP message or you can set it to use TCP as well for reliable delivery.
That’s it, simple and easy. Install on one Windows box or a thousand, it’s up to you. SolarWinds Event Log Forwarder for Windows is another free tool from SolarWinds we hope everyone can use and enjoy and you can download it here. If you have any questions or comments about this free tool, head on over to our thwack forum for this free tool.