Ever wondered why after all this years Windows still doesn't support syslog? This is why; read a very comprehensive answer by Eric Fitzgerald, who "owns" Windows logging. There is also a very lively discussion that ensued, which includes things like "my blood boils and a halo of pink steam forms around my head, throbbing the the gnashing of my teeth and the kodo drum-like thudding of my overworked heart. " :-) /guess who said this/
Overall, it pains me to say this, but Eric's answer actually makes sense. Still, having a little tiny-teeny option to send a filtered subset of Windows events tout via UDP 514 in an "official" manner would be nice...
Dr Anton Chuvakin
