Skip to main content
Question

Ideal way to handle windows logs

  • March 11, 2025
  • 4 replies
  • 58 views
R

With Cribl Stream what is the best practice for receiving windows logs?

    4 replies

    T
    • Tony R
    • Employee
    • March 11, 2025

    I would use Cribl Edge. You can explore the file system through Edge and then monitor or ingest the logs. You can also pull the Windows Event Logs.
    https://docs.cribl.io/edge/sources-windows-event-logs

    R
    • Ronnie Tirella
    • Author
    • Known Participant
    • March 11, 2025

    is that the only way?

    T
    • Tony R
    • Employee
    • March 11, 2025

    You can use file monitor with Stream installed on a machine ( https://docs.cribl.io/stream/sources-file-monitor ). You can also use Windows Event Forwarder (WEF) ( https://docs.cribl.io/stream/sources-wef ). You can also use other providers agents.

    As you can see, there are multiple ways. How are you hoping to bring data in to Cribl?

    R
    • Ronnie Tirella
    • Author
    • Known Participant
    • March 11, 2025

    Trying to do this the most simple/smooth way.

    Terms & ConditionsAccessibility statement