Is there any way to retrieve the event logs (system, application, security, etc.) of a Windows XP/2003/Vista machine without using the syslog? Ideally it would use WMI and/or RPC calls.
Ideally, I'd like to poll my servers for their Windows events every hour and set up alerts based on those events. Then once a week I'd like to have a discovery go out and grab the last week's worth of events from all my client machines (XP) and then parse them for specific events like Disk, Userenv, netlogon, etc. and generate a report.
Overall, grabbing the events from the servers (without having to use third-party syslog software) is crucial.