Windows Event Log
Windows Event Log (windows-event-log)
Read events from Windows Event Log.
Windows json
Minimal example

```yaml
input:
  windows-event-log:
    channel: ~
    query: ~
```

```json
{
  "input": {
    "windows-event-log": {
      "channel": null,
      "query": null
    }
  }
}
```
Behavior
| Field | Type | Required | Description |
|---|---|---|---|
| start-at-oldest ✓ | boolean (bool) | | Start with the oldest event available in the log. Default: false |
Debugging
| Field | Type | Required | Description |
|---|---|---|---|
| debug-event-payloads ✓ | boolean (bool) | | Dump expanded event log data (not recommended for production). Default: false |
Query
| Field | Type | Required | Description |
|---|---|---|---|
| query | string | ✅ | The query to filter events. |
Source
| Field | Type | Required | Description |
|---|---|---|---|
| channel | string | ✅ | The publisher channel to read events from. |