Earlier this year, we added log forwarding to our Infrastructure agent, giving you the ability to send infrastructure logs to New Relic One.
After overwhelming requests, we’ve extended that capability, so you can forward Windows Events for log management in New Relic One’s Telemetry Data Platform. Now, if you’re a Windows user, you can send all logs to New Relic One or use our updated filters to select exactly which log types and specific messages you’re interested in forwarding based on their EventID.
Windows Event logs–vital observability data
Windows Event logging provides a standard, centralized way for applications (and the operating system) to record important software and hardware events. The event logging service records events from various sources and stores them in a single collection called an event log.
Windows Event logs are a vital source of observability data for our Windows users, and implementing this functionality makes it easy to get that data into New Relic One. In this article, we’ll quickly show you how to take advantage of this helpful feature.
Get started with Windows Event logs in New Relic
To start sending Windows Event logs to New Relic One, you just have to add a simple YAML configuration file in our Infrastructure agent’s configuration. That looks like this:
logs: - name: windows-security winlog: channel: Security collect-eventids: - 4624 - 4265 - 4700-4800 exclude-eventids: - 4735
As you see, you have to define what channel you want the Infrastructure agent to be listening to. For this particular channel, you can also define which EventIDs should be collected or which should be excluded. (Note that the excluding rule takes precedence over the including one). This can be done by listing individual EventIDs or by defining a range.
If no filter is defined, all logs from that channel will be forwarded to New Relic. To configure other channels, you’ll have to define another configuration block similar to our example above. Once you have defined the configuration file, you should start to see your Windows Events in New Relic Logs. With our innovative log management, experience more intuitive log analytics.
To start taking advantage of this feature now, sign into New Relic One or sign up for Telemetry Data Platform for free and ingest 100 GB free every month.
이 블로그에 표현된 견해는 저자의 견해이며 반드시 New Relic의 견해를 반영하는 것은 아닙니다. 저자가 제공하는 모든 솔루션은 환경에 따라 다르며 New Relic에서 제공하는 상용 솔루션이나 지원의 일부가 아닙니다. 이 블로그 게시물과 관련된 질문 및 지원이 필요한 경우 Explorers Hub(discuss.newrelic.com)에서만 참여하십시오. 이 블로그에는 타사 사이트의 콘텐츠에 대한 링크가 포함될 수 있습니다. 이러한 링크를 제공함으로써 New Relic은 해당 사이트에서 사용할 수 있는 정보, 보기 또는 제품을 채택, 보증, 승인 또는 보증하지 않습니다.
