Step-by-Step Guide: How to Forward Windows 10 Logs to Nagios Log Server 2024R2

Nagios Log Server makes it easy to collect and analyze logs from a wide variety of systems—including Windows machines. In this guide, you’ll learn how to send Windows 10 logs to Nagios Log Server 2024R2 using NXLog Community Edition (CE), a third-party agent.

Prerequisites

Before you begin, make sure you have the following:

• A running instance of Nagios Log Server (2024R2)
• A Windows 10 system with administrative privileges
• Network connectivity between the Windows 10 machine and the Nagios Log Server

Step 1: Add a New Windows Log Source in Nagios Log Server

1. Log in to Nagios Log Server.
2. Click the green + Add Log Source button or navigate to Configure > + Add Log Source.
3. Click the + Windows button to begin setup for a Windows log source.

Step 2: Install NXLog Community Edition (CE)

1. On the Windows log source setup page, find the Getting Started section.

2. Click the link to download NXLog CE directly from your Nagios Log Server (not an external source).

3. Launch the installer and follow these steps:

• Accept the License Agreement.

• Choose the default or a custom installation path.
• Click Install, then click Finish once completed.

Step 3: Configure NXLog on Windows 10

1. In the Configuration Setup section of the Nagios Log Server, locate the configuration code block.
2. Click the Select All icon and copy the text.
3. On your Windows 10 machine:
   • Open Notepad as Administrator.
   • Navigate to the file: C:\Program Files\nxlog\conf\nxlog.conf or: C:\Program Files (x86)\nxlog\conf\nxlog.conf
   • In Notepad, switch file type to All Files to locate nxlog.conf.
   • Delete all contents (CTRL + A, then DELETE).
   • Paste the copied configuration block.
   • Click File > Save.

Step 4: Start NXLog Service

1. Open Command Prompt as Administrator.
2. Run the following command:

net start nxlog

The NXLog service is now running and configured to start automatically on boot.

Step 5: Verify Logs in Nagios Log Server

1. Navigate to the Windows source page in Nagios Log Server.
2. In the Verify Incoming Logs section, enter the Windows machine’s IP address.
3. You can also go to the Dashboards section and run this query: host:<Windows 10 IP>
4. Confirm that log entries appear under All Events.

Troubleshooting Tips

• NXLog Service Fails to Start:
  • Ensure you have administrative privileges.
  • Verify the syntax of the nxlog.conf file.
• No Logs in Nagios Log Server:
  • Check the network connectivity between the Windows machine and Nagios Log Server.
  • Double-check the NXLog configuration.
• Firewall Issues:
  • Ensure firewalls on both Windows and Nagios Log Server allow traffic on required ports.

Conclusion

Conclusion

By following this guide, you have successfully configured Windows 10 to forward logs to Nagios Log Server 2024R2 using NXLog CE. This setup ensures you have real-time visibility into Windows system events.

For more resources and help:

• Nagios Support Forum
• Nagios Knowledgebase
• Nagios Library