Ideal way to handle windows logs

Ronnie Tirella · October 17

With Cribl Stream what is the best practice for receiving windows logs?

Tony Reinke - Cribl · October 17

I would use Cribl Edge. You can explore the file system through Edge and then monitor or ingest the logs. You can also pull the Windows Event Logs.
https://docs.cribl.io/edge/sources-windows-event-logs

Ronnie Tirella · October 17

is that the only way?

Tony Reinke - Cribl · October 17

You can use file monitor with Stream installed on a machine ( https://docs.cribl.io/stream/sources-file-monitor ). You can also use Windows Event Forwarder (WEF) ( https://docs.cribl.io/stream/sources-wef ). You can also use other providers agents.

As you can see, there are multiple ways. How are you hoping to bring data in to Cribl?

Ronnie Tirella · October 20

Trying to do this the most simple/smooth way.

Answers