2 réponses
- Le plus récent
- Le plus de votes
- La plupart des commentaires
0
I don't think it is particularly strange that the output is in XML.
If you check the Event Viewer on the Windows server, you will see the logs in the same XML format.
0
Hi DD-Boom
in addition to Riku
The windows stored event logs in XML format. You an see the WEF format
https://docs.nxlog.co/userguide/integrate/windows-eventlog.html
The format you have written is not log format it is how event viewer shos the log in user interface
and as you can see here
https://johndcyber.com/how-to-forward-windows-event-logs-to-cloud-watch-in-5-easy-steps-13fa65a173b2
CloudWatchAgent forwards the event in the same format also
Contenus pertinents
- demandé il y a un an
- demandé il y a 5 jours
- demandé il y a 2 mois
AWS OFFICIELA mis à jour il y a 2 ans- AWS OFFICIELA mis à jour il y a 3 ans
- AWS OFFICIELA mis à jour il y a 2 ans
- AWS OFFICIELA mis à jour il y a 2 ans
Normally it will be the log content [Security] [INFORMATION] [5061] [Microsoft-Windows-Security-Auditing] [Jump] [Cryptographic operation.
Subject: Security ID: S-0-1112 1069 Account Name: ****** Account Domain: ******* Logon ID: 0x1B313D0
Cryptographic Parameters: Provider Name: Microsoft Software Key Storage Provider Algorithm Name: UNCCTVN Key Name: *******.net Key Type: User key.
Cryptographic Operation: Operation: Open Key. Return Code: 0x87788016]