Windows Event Log

Windows Event Log (windows-event-log)

Read events from Windows Event Log.

Windows json

Minimal example

input:
  windows-event-log:
    channel: ~
    query: ~

JSON

{
  "input": {
    "windows-event-log": {
      "channel": null,
      "query": null
    }
  }
}

Contents

• Minimal example

• Fields

• Source

• Query

• Behavior

• Debugging

Fields

Field	Type	Required	Description
channel Source	string	✅	The publisher channel to read events from.
query Query	string	✅	The query to filter events.
start-at-oldest Behavior	boolean (bool)		Start with the oldest event available in the log.
debug-event-payloads Debugging	boolean (bool)		Dump expanded event log data (not recommended for production).

Source

Show fields

Field	Type	Required	Description
channel	string	✅	The publisher channel to read events from.

Query

Show fields

Field	Type	Required	Description
query	string	✅	The query to filter events.

Behavior

Show fields

Field	Type	Required	Description
start-at-oldest	boolean (bool)		Start with the oldest event available in the log.

Debugging

Show fields

Field	Type	Required	Description
debug-event-payloads	boolean (bool)		Dump expanded event log data (not recommended for production).