People often ask us how they can use Kiwi Syslog Daemon to receive logging information from their Windows systems as well as all their other network devices.

This is a perfectly reasonable question. It certainly makes sense to use one tool to collect all your logging information into one centralised location. Doing this not only allows you to monitor your whole network in real-time, and provide alerts as necessary, but it also provides a central storage point that can then be used for future analysis if desired.

Great you say - so what solution can you offer me?

Unfortunately Windows systems do not natively support logging via syslog (which is the main protocol Kiwi Syslog Daemon uses for receiving messages), instead they use the Windows Event Log to store all their logging information.

The next issue with this is that Kiwi Syslog Daemon does not support monitoring of the Windows Event Log. It was decided this job was better suited to an agent based system located on each of the Windows systems.

So again you ask...that aside, what kind of solution can you offer me?

Well - rather of re-invent the wheel, we decided to recommend a really good tool that does exactly what you need.

For this task, we recommend that you use Snare Agent for Windows.

Snare Agent for Windows is a freeware Windows NT service that monitors, collects and processes Windows Event Log information. It monitors all three event logs and the information is converted to tab or comma delimited text format, then delivered via UDP to a remote server, such as Kiwi Syslog Daemon.

You will need to install the Snare Agent for Windows on each of the Windows systems that you are wanting to collect Event Log information from, and configure it to send to the IP address of the system that Kiwi Syslog Daemon is installed on.

For information on how to set up Snare Agent for Windows to send to Kiwi Syslog Daemon please have a look at the following link.

Configuring Snare Agent for Windows

If you find that you are still having issues after reading the information above then don't worry. Visit our support page, open a support case and one of our dedicated support staff will get back to you in no time at all.