Windows Event Log

Configure Windows Event Log Source with BindPlane

Supported Versions

Windows Server versions

  • 2019
  • 2016
  • 2012 R2
  • 2012

Configuration

| Option | Description |
| --- | --- |
| System Events | Toggle check box to enable/disable collection of System Event logs. |
| Application Events | Toggle check box to enable/disable collection of Application Event logs. |
| Security Events | Toggle check box to enable/disable collection of Security Event logs. |
| Max Reads | Use this field to set the maximum number of records read into memory before beginning a new batch. The default is '100'. |
| Poll Interval | Use this field to set the interval at which the channel is checked for new log entries. This check begins after all new records have been read. The default is '1'. |
| Start At | Choose whether to start reading from the beginning or end of a file with "end" being the default. |

Log Types

Types
windows_event.system
windows_event.application
windows_event.security
windows_event.custom

Advanced

For more information on the advanced configuration capabilities, see our detailed plugin guide here.