Receive Logs
WinSyslog receives logs from multiple sources and turns them into events that can be processed by rules.
WinSyslog can receive logs from multiple source types, process them through services, rulesets, and actions, and then store or forward them to downstream targets.
What you can receive:
Syslog over UDP/TCP and secure syslog over TLS
RELP (reliable transport)
Windows Event Log events
SNMP traps
Where to configure it:
Services provide the inputs.
Syslog server service receives syslog.
RELP listener receives RELP.
SETP server receives SETP.
SNMP trap receiver receives SNMP traps.
Quick verification:
In the WinSyslog Configuration Client, open Tools and use Send Syslog Test Message (see Send Syslog Test Message).
Confirm messages arrive in the configured ruleset (for example, write to a file).
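To repeat this check from a sending host instead of the Configuration Client, the following added example (not part of the WinSyslog documentation) sends a uniquely tagged RFC 3164 message over UDP and polls the file the ruleset writes to. The listener address, UDP port 514, the log file path and all function names are assumptions; substitute the values from your Syslog server service and file action.

```python
import socket
import time
import uuid
from datetime import datetime
from pathlib import Path


def build_rfc3164(facility, severity, hostname, tag, text, now=None):
    """Build one RFC 3164 message: <PRI>TIMESTAMP HOSTNAME TAG: TEXT."""
    if not (0 <= facility <= 23 and 0 <= severity <= 7):
        raise ValueError("facility must be 0-23 and severity 0-7")
    now = now or datetime.now()
    # RFC 3164 timestamp is "Mmm dd hh:mm:ss" with the day space-padded.
    stamp = f"{now:%b} {now.day:2d} {now:%H:%M:%S}"
    return f"<{facility * 8 + severity}>{stamp} {hostname} {tag}: {text}"


def send_udp(message, host, port=514):
    """Send one datagram; UDP itself gives no delivery confirmation."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.sendto(message.encode("utf-8"), (host, port))


def marker_in_file(path, marker, timeout=10.0, interval=0.5):
    """Poll the ruleset's output file until the marker appears or time runs out."""
    # File encoding is not assumed: match the marker as UTF-8 or UTF-16LE bytes.
    needles = (marker.encode("utf-8"), marker.encode("utf-16-le"))
    deadline = time.monotonic() + timeout
    while True:
        target = Path(path)
        if target.exists():
            data = target.read_bytes()
            if any(n in data for n in needles):
                return True
        if time.monotonic() >= deadline:
            return False
        time.sleep(interval)


def verify_receipt(host, log_path, port=514):
    """Send a uniquely tagged local0.info message and confirm it was written."""
    marker = f"recv-check-{uuid.uuid4().hex[:12]}"
    send_udp(build_rfc3164(16, 6, socket.gethostname(), "recvtest", marker), host, port)
    return marker, marker_in_file(log_path, marker)


if __name__ == "__main__":
    # Assumed values: listener on this host, file action writing to this path.
    marker, ok = verify_receipt("127.0.0.1", r"C:\Temp\winsyslog-test.log")
    print(f"{marker}: {'received' if ok else 'NOT found in log file'}")
```

A missing marker means the message was dropped somewhere between sender and file action (firewall, wrong port, service not running, or a rule filter), because UDP reports no delivery failure to the sender.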