You can forward events from Windows machines to a machine where the Log Insight Windows Agent is running.
You can use Windows Event Forwarding to forward events from multiple Windows machines to a machine on which the Log Insight Windows Agent is installed. You can then configure the Log Insight Windows Agent to collect all forwarded events and send them to a vRealize Log Insight server.
Get familiar with Windows Event Forwarding. See http://technet.microsoft.com/en-us/library/cc748890.aspx and http://msdn.microsoft.com/en-us/library/windows/desktop/bb870973(v=vs.85).aspx.
- Add a new section to the Log Insight Windows Agent configuration to collect events from the Windows event channel that receives forwarded events.
The default channel name is ForwardedEvents.
- Set up Windows Event Forwarding.
What to do next
Go to the vRealize Log Insight Web user interface and verify that forwarded events are arriving.