Contents Menu Expand Light mode Dark mode Auto light/dark mode
WinSyslog 18.1 documentation
WinSyslog 18.1 documentation
  • Getting Started
    • Installation
    • Understand the Components
    • Receive Logs
    • Creating an Initial Configuration
    • Process and Filter
    • Store and Forward
    • Operate and Troubleshoot
  • Tutorials
    • Tutorial: Prepare WinSyslog Data for Adiscon LogAnalyzer
    • Tutorial: Create a Simple Syslog Server and Write to a File
    • Tutorial: Export the Configuration and Create a Debug Log
    • Tutorial: Configure a SETP Server Service
    • Tutorial: Forward Messages to Another Syslog Server
    • Tutorial: Send Matching Messages by Email
    • Tutorial: Write Messages to a Database
  • Interactive Syslog Viewer
    • InterActive SyslogViewer
    • Options & Configuration
      • Launching InterActive SyslogViewer
      • Using InterActive SyslogViewer
      • Options & Menus
        • File Menu
          • General Options
          • Notifications & Questions Tab
          • License Tab
        • Edit Menu
        • View Menu
        • Help Menu
      • Live Syslog View
      • Database View
    • FAQ
      • How to Autostart Interactive Syslog Viewer
  • Configuration
    • Core concepts
      • WinSyslog - Services
      • Information Units
      • Rules
      • The Rule Engine
      • Filter Conditions
      • Actions
    • Configuring WinSyslog
    • Organizing with RuleSets, Rules, and Actions
    • Client Options
    • Client Tools
    • Using File based configuration
    • General Options
      • License
      • General
      • Debug
      • Engine
      • Queue Manager
      • Permitted Senders
    • Services
      • Heartbeat
      • MonitorWare Echo Reply
      • RELP Listener
      • SETP Server
      • SNMP Trap Receiver
      • Syslog server
    • Filter conditions
      • Global Conditions
      • Date Conditions
      • Operators
      • Filters
        • REGEX Compare Operation
      • General
      • Date/Time
      • InformationUnit Type
      • Syslog
      • SNMP Traps
      • Event Log Monitor
      • Event Log Monitor V2
      • File Monitor
      • Custom Property
      • Extended Number Property
      • Extended IP Property
      • File Exists
      • Store Filter Results
    • Actions
      • ODBC Database Options
      • OLEDB Database Action
      • File Logging Options
      • Event Log Options
      • Send Email
      • Net Send
      • Send to Communications Port
      • Send MSQueue
      • Send RELP
      • Send SETP
      • Send SNMP Trap
      • Syslog Forwarding
      • Send DTLS
      • Call RuleSet
      • Compute Status Variable
      • Discard
      • Normalize Event
      • Post Processing
      • Parsing log messages
      • Resolve Hostname Action
      • Set Property
      • Set Status
      • Play Sound
      • Start Program
  • FAQ
    • Why are Logfiles sometimes not rotated in WinSyslog 17.5 or lower?
    • Log Rotation Naming Convention Change in WinSyslog 18.x
    • Why does log rotation fail when using ZIP compression in WinSyslog?
    • Are WinSyslog products affected by recent OpenSSL CVEs?
    • Troubleshooting the Start Program action in WinSyslog
    • High-load configuration reload issues in WinSyslog
    • Queue Buildup During SQL Server Table Cleanup Operations in WinSyslog
    • Default Timevalues Setting in WinSyslog Explained
    • How to Export WinSyslog Settings for a Support Call
    • Recommended Service Stop Order for WinSyslog Maintenance
    • Running WinSyslog on a Windows Cluster Server
    • Why Does a WinSyslog Message Show Two Timestamps?
    • What Does WinSyslog Event ID 1011 Mean?
    • Why do log files remain locked when multiple rules write to the same file?
    • How to resolve performance issues on high-load systems?
    • Is MariaDB supported by the ODBC action?
    • Recommended Palo Alto Firewall Syslog Configuration
    • How to Perform a Mass Rollout of WinSyslog
    • How to Copy the WinSyslog Configuration to Other Servers
    • How Can I Obtain a Printable Version of the WinSyslog Manual?
    • Can WinSyslog Write to a UNC Path?
    • Which Database Format Should I Use with WinSyslog?
    • What do CA PEM, Certificate PEM, and Key PEM mean for TLS listeners?
    • Forwarding syslog messages with original IP address in WinSyslog
    • What Is the Difference Between SETP and Syslog?
    • How Do I Handle Non-Standard Syslog Messages from Unix or Linux Systems?
    • How Do I Enter WinSyslog License Information?
    • What is Freeware Mode?
    • WinSyslog vs Kiwi Syslog Server – Which to Choose?
    • Do the configuration clients require .NET Framework, or is .NET Core or .NET 5+ enough?
    • Is WinSyslog v18+ supported on Windows Server IoT 2025?
  • Licensing and purchasing
    • How do I contact Adiscon sales?
    • What should I include in a quote request?
    • What happens after I open a sales ticket?
    • How do purchase orders and billing requests work?
    • Licensing and ordering
    • Air-gapped environments
    • Offline installation and activation
    • Online verification after activation
    • Perpetual licenses and UpgradeInsurance
    • UpgradeInsurance
  • Reference
    • WinSyslog Shortcut Keys
    • Command Line Switches
    • Edition Comparison
    • Comparison of properties
    • Event Properties
      • Accessing Properties
        • Property
        • FromPos
        • ToPos
        • Options
        • Simple Examples
      • System Properties
      • Custom Properties
      • Event-Specific Properties
        • Standard Properties
        • Windows Event Log Properties
        • Windows Event Log V2 Properties
        • Syslog Message Properties
        • Disk Space Monitor
        • CPU/Memory Monitor
        • File Monitor
        • Windows Service Monitor
        • Ping Probe
        • Port Probe
        • Database Monitor
        • Serial Monitor
        • MonitorWare Echo Request
        • FTP Probe
        • IMAP Probe
        • NNTP Probe
        • SMTP Probe
        • POP3 Probe
        • HTTP Probe
    • Complex Filter Conditions
    • Connect to Computer
    • Registry Paths
    • System Error Codes
    • Glossary
      • Engine Only Install
      • FTP
      • HTTP
      • IETF
      • IMAP
      • IPv6
      • Millisecond
      • NNTP
      • POP3
      • Registry File
      • RELP
      • Resource ID
      • RFC 3164
      • RFC 3195
      • RFC 5424
      • SETP
      • SMTP
      • SNMP
      • Syslog Facility
      • TCP
      • UDP
      • UTC
  • Copyrights
Back to top

How these components work together#

This older page is kept only for URL compatibility.

For the current explanation of component interaction, use:

  • Understand the Components

  • Receive Logs

  • Process and Filter

  • Store and Forward

Those pages now provide the canonical WinSyslog flow from message intake to processing, storage, forwarding, and viewing.

Copyright © 1996-2026, Adiscon GmbH
Made with Sphinx and @pradyunsg's Furo