/
Windows
Document toolboxDocument toolbox

Windows

Owned by Juan Tomás Alonso Nieto (Deactivated)
May 23, 2022

There are two ways you can send Windows system and event logs to Devo. It is also possible to use WMI to manage the remote collection of log events however this is very likely to have a negative impact on performance. Although this is not the preferred method, we also offer some instructions for setting up WMI to collect logs and send them to a Devo endpoint.

Snare Agent for Windows

The Snare Agent for Windows is a third-party tool. If you want to forward these events to your Devo domain, you must use the box.win_snare tag.

NXLog for Windows event collection

Customers who already use NXLog might prefer to use it to send their Windows events to Devo. When NXLog is used, you must use the box.win_nxlog tag. Read all about it here.

Related content

Windows
Windows
Devo v7.12.0
More like this
box.win
box.win
7.13
More like this
NXLog for Windows event collection
NXLog for Windows event collection
Devo latest
More like this
NXLog for Windows event collection
NXLog for Windows event collection
Devo v7.10.0
More like this
Event sources
Event sources
Devo v7.10.0
More like this
Event sources
Event sources
Devo v7.12.0
More like this