Windows Event Log

Configure Windows Event Log Source with observIQ

Supported Versions

Windows Server versions

  • 2019
  • 2016
  • 2012 R2
  • 2012

Configuration

Option: Description

  • System Events: Toggle the check box to enable or disable collection of System Event logs.
  • Application Events: Toggle the check box to enable or disable collection of Application Event logs.
  • Security Events: Toggle the check box to enable or disable collection of Security Event logs.
  • Max Reads: The maximum number of records read into memory before beginning a new batch. The default is '100'.
  • Poll Interval: The interval at which the channel is checked for new log entries. This check begins after all new records have been read. The default is '1'.
  • Start At: Whether to start reading from the beginning or the end of a file. The default is "end".

Log Types

  • windows_event.system
  • windows_event.application
  • windows_event.security
  • windows_event.custom

Dashboards

Dashboards for this source will be added soon.

Advanced

For more information on the advanced configuration capabilities, see our detailed plugin guide here.

Updated 2 months ago
