Microsoft Windows Server SolarWinds
Instructions for forwarding Microsoft Windows Server logs to your Log Management device using SolarWinds
PREREQUISITES
Microsoft Windows Server- SolarWinds Event Log Forwarder for Windows
- Credentials to access the Windows Server
- The IP Address for the Clone Systems Log Management device
1. An additional third party agent is required to configure your Microsoft Windows Server to send syslog. The following instructions will detail how to configure the free SolarWinds Event Log Forwarder for Windows. Navigate a browser to the SolarWinds Event Log Forwarder for Windows download page and click the Download Free Tool button.
2. Fill out the Registration Form and then click the Proceed to Free Download button. On the Add a Free 30-day Trial of Log & Event Manager pop up, click the Continue Without Adding link.
3. Download the Event Log Forwarder for Windows by clicking the Download Now button. The SolarWinds-LogForwarder-FreeTool-v1.2.0 zip file will be downloaded to your machine. Extract the files and run the SolarWinds_Event_LogForwarder_Setup Windows Installer Package.
4. On the Welcome to the SolarWinds Event Log Forwarder for WIndows Setup Wizard page click the Next button.
5. On the End-User License Agreement page select the I accept the terms in the License Agreement radio button and then click the Next button.
6. On the Configure Shortcuts page click the Next button.
7. On the Select Installation Folder page click the Next button.
8. On the Ready to Install page click the Install button.
9. On the Completing the SolarWInds Event Log Forwarder for Windows Setup Wizard page click the Finish button.
10. Launch the SolarWinds Event Log Forwarder for Windows application by clicking the Windows Start button and locating the application.
11. Once the SolarWinds Event Log Forwarder for Windows application loads the Event Log Forwarder Dashboard will be displayed. Click the Subscriptions tab and select the Add button.
12. On the Select Event Logs step select the types of logs you would like to forward (Ex: Application, HardwareEvents, Security, System, Windows PowerShell, etc.) and then click the Next button.
13. On the Define Priority step click the Finish button.
Note: On the Subscription tab you will now see the “New Event Log Subscription” that contains the information about the Windows event logs you are forwarding.
14. Click the Syslog Servers tab and select the Add button.
15. On the Add Syslog Server page enter the IPv4 address for the Clone Systems Log Management device in the Server Address field and then click the Create button.
Note: On the Syslog Servers page you will now see the “New Syslog Server” that contains the information about the Clone Systems Log Management device.
16. Click on the Test tab and select System for the Event logs you wish to add a test event to field and Warning for the Type of test event field and then click the Create a test event button.
Note: The Test event sucessfully created message will appear next to the Create a test event button if it was successful.
