Automate domain log collection

 

Objective:

Automate the collection of logs from servers and clients in the domain into a central location monitored by first-line support, and subsequently feed them into log analyzers such as Splunk and Loggly.

 

Request:

Avoid scripted jobs or schedulers. The solution should not depend on code or jobs.

 

Result:

The solution is native to Windows if WinRM (Windows Remote Management) is used: the service is running by default and only requires extra configuration.

For that extra touch, I’ve added multiple options to browse the central location or get notifications, including email and RSS feed!

 

https://support.microsoft.com/en-us/kb/2019527

https://msdn.microsoft.com/en-us/library/aa384372(v=vs.85).aspx

https://msdn.microsoft.com/en-us/library/windows/desktop/bb870973(v=vs.85).aspx