I have Kiwi Syslog installed on a Win10 VM with no AV and firewall off. It is receiving events from our network firewall. Current priority from the firewall is set to Local0.Info. Where I am having issues is with the Event Log Forwarder for Windows on our server not sending events to the syslog server. Running a test event from the Forwarder is successful. I have turned off Symantec AV and Windows Firewall on the server. The default syslog facility is set to Kernel. I have tried going into the syslog service manager setup and changing settings without luck. I can ping the syslog server from the server that has the forwarder installed.
What is the version of Windows 10 on your PC?
On my PC, Event Log Forwarder for Windows (220.127.116.11) was forwarding the event log normally when it was Windows 10 (version 1809) and (version 1903).
However, after updating to version 1909 and applying several updates to bring it up to date, the Event Log Forwarder for Windows (18.104.22.168) no longer forwards the event log.
I reported this incident to SolarWinds technical support, but was told that ELF is a free tool, so they won't support it.
So, I'm considering using a paid event log transfer tool from another company.