How to forward Windows event logs to a syslog server (Syslog Watcher)


Windows has no built-in syslog protocol support, so it can send system log messages to a syslog server only through third-party utilities.
The steps below show how to translate Windows event log records into syslog messages and send them to a syslog server, for example, Syslog Watcher.
  1. Install EventLog Inspector and run EventLog Inspector Manager.
  2. Make sure the service is running and marked to start automatically.

  3. Switch to the Settings tab and select the Syslog group. Set the syslog settings as required by your syslog server.

  4. Go to the Forwarding group and select the option "Forward all system events to syslog server".

  5. (Optional) You can customize the syslog message template to better fit your syslog server.
  6. Click the Apply button.
EventLog Inspector will forward all Windows system event records to the syslog server you specified.
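
To confirm on the receiving side that forwarded events actually arrive and carry the priority you expect, the following added example (not part of the original page and not vendor code) waits for one syslog datagram and decodes its `<PRI>` header. It assumes the forwarder is set to UDP and that the message template keeps the standard leading `<PRI>` field; port 5514, the host name and the sample message are constructed for illustration.

```python
import re
import socket

# Severity names indexed by the low three bits of PRI.
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
PRI_RE = re.compile(rb"^<(\d{1,3})>")


def parse_pri(datagram: bytes) -> dict:
    """Decode the <PRI> header of a syslog datagram (PRI = facility * 8 + severity)."""
    m = PRI_RE.match(datagram)
    if not m or int(m.group(1)) > 191:  # 23 * 8 + 7 is the highest valid PRI
        raise ValueError("no valid <PRI> header; check the message template")
    pri = int(m.group(1))
    return {
        "facility": pri // 8,
        "severity": SEVERITIES[pri % 8],
        "message": datagram[m.end():].decode("utf-8", errors="replace").strip(),
    }


def receive_one(bind_addr="0.0.0.0", port=5514, timeout=60.0):
    """Wait for one UDP syslog datagram and return (sender_ip, parsed_fields)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)  # raises socket.timeout if nothing arrives
        sock.bind((bind_addr, port))
        data, (sender, _port) = sock.recvfrom(65535)
    return sender, parse_pri(data)


# Constructed sample of a forwarded Windows system event (not captured traffic).
SAMPLE = (b"<14>Jan 12 10:15:02 WIN-HOST01 Service Control Manager: "
          b"7036 The Windows Update service entered the running state.")

if __name__ == "__main__":
    print(parse_pri(SAMPLE))
    # Point the forwarder at this host and port, then trigger a system event.
    print(receive_one())
```

If nothing arrives before the timeout, check the server address and port in the Syslog group and any host firewall between the two machines.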