Forward Logs to the Log Insight Windows Agent

You can forward logs from Windows machines to a machine where the Log Insight Windows Agent is running.

You can use Windows Log Forwarding to forward logs from multiple Windows machines to a machine on which the Log Insight Windows Agent is installed. You can then configure the Log Insight Windows Agent to collect all forwarded logs and send them to a vRealize Log Insight server.

Get familiar with Windows Log Forwarding. See http://technet.microsoft.com/en-us/library/cc748890.aspx and http://msdn.microsoft.com/en-us/library/windows/desktop/bb870973(v=vs.85).aspx.

Prerequisites

See Collect Logs from Windows Events Channels.

Procedure

Add a new section to the Log Insight Windows Agent configuration to collect logs from the Windows event channel that receives forwarded logs.
The default channel name is ForwardedEvents.
Set up Windows Log Forwarding.

What to do next

Go to the vRealize Log Insight Web user interface and verify that forwarded logs are arriving.