Converting multi-line logs messages from windows events to single lines on client side

Hello,

I use syslog-ng PE 6.0.19 on a windows server 2016 edition to send windows event logs to a remote syslog-ng server.

The remote syslog-ng server is a community edition version 3.5.6 running on CentOS 7 OS.

I cannot modify the version of the remote syslog-ng server.

I need to receive the logs from the windows machine in one line for parsing reasons.

I have tried the flags(no-multi-line) option and several things (https://support.oneidentity.com/fr-fr/syslog-ng-premium-edition/kb/283190/converting-multi-line-logs-messages-from-windows-events-to-single-lines?kblang=en-US) in server side configuration but it doesn't work.

I cannot figure out how to activate a no-multi-line option on the windows machine for the windows event logs.

Can you help me?

Best regards,

Parents Reply Children