6.17.1. windowsevent() source options

The windowsevent() driver has the following options:


Type: string
Default: ".windowsevent."

Description: The prefix that you wish to append to the key-value pairs.

If you want to send Windows event logs to SDATA, then set prefix(".SDATA."). This can be useful, for example, when you forward Windows event logs to a syslog-ng Store Box.


Type: string
Default: /opt/syslog-ng/var/run/wec.sock

Description: The path to the Unix domain socket to read messages from.