With Cribl Stream what is the best practice for receiving windows logs?
I would use Cribl Edge. You can explore the file system through Edge and then monitor or ingest the logs. You can also pull the Windows Event Logs.
is that the only way?
You can use file monitor with Stream installed on a machine (
). You can also use Windows Event Forwarder (WEF) (
). You can also use other providers agents.
As you can see, there are multiple ways. How are you hoping to bring data in to Cribl?
Trying to do this the most simple/smooth way.