I have been asked a few time how to mass deploy the Log Insight Windows agent and thought I would share this documentation link, which…
As you probably know, Windows does not natively support syslog. Several third party syslog agents exist for Windows, but each come with a list of pros and cons (for examples see this post). In addition, getting support for a Window agent can be costly. To address these limitations, Log Insight has introduced a Windows agent. I would like to walk you through how to install and configure the agent.
In my previous post, I discussed how to build Log Insight Windows agent configuration sections for monitoring log files, in this post I would like to provide some additional sample configurations for common Microsoft and VMware applications. I will be updating this post over time so be sure to check back from time to time!
In order to send events from a Windows device to a remote syslog server like Log Insight, you need a syslog agent. Windows does not natively support syslog. The good news is that several syslog agents for Windows exist. I would like to cover my considerations and recommendations for a syslog agent on Windows.
UPDATE: As of Log Insight 2.0, Log Insight offers a free Windows agent that supports the syslog protocol and Log Insight’s ingestion API. For more information see these posts.
Since the Log Insight Agent was introduced, it has supported silent installation options to assist in automated deployments. The silent installation options were primarily focused around server, port, and protocol specifications. With the change of enabling SSL by default in Log Insight 4.0, additional parameters became necessary to automate the deployment of the agent in all environments. In addition, there have been feature requests to control other aspects of the agent during installation. In version 4.5, additional parameters were introduced to provide the flexibility you need. Read on to learn more!