rsyslog

The rocket-fast system for log processing

How To setup EventLogMonitor V1 Service

Attention: This Guide is for Windows XP or 2003 if you use Vista or Win7 then use EventLogMonitor V2.

1. First, right click on "Services", then select "Add Service" and then "Event Log Monitor":

2. Once you have done so, a new wizard starts.
If the following Popup appears, please select "Create Service":

Again, you can use either the default name or any one you like. We will use "My Event Log Monitor" in this sample. Leave the "Use default settings" selected and press "Next".

3. As we have used the default, the wizard will immediately proceed with step 3, the confirmation page. Press "Finish" to create the service. The wizard completes and returns to the configuration client.

4. Now, you will see the newly created service beneath the "Services" part of the tree view. To check its parameters, select it:

As you can see, the service has been created with the default parameters.

Note: The "Default RuleSet" has been automatically assigned as the rule set to use. By default, the wizard will always assign the first rule set visible in the tree view to new services. In our case, this is not correct and will be corrected soon.

5. Finally, save the change and start RSyslog Windows Agent.

That was it.