Sources for Installed Collectors
You can configureĀ a variety of Sources on Installed Collectors.
In this section, we'll introduce the following concepts:
Collect Windows Forwarded Events
Track and collect forwarded events from a Windows Event Collector.
Docker Sources
Configure Docker Logs or a Docker Stats Source.
Host Metrics Source
Collect host metrics from a local host.
Local File Source
Collect log messages from the same machine where a collector is installed.
Local Windows Event Log Source
Collect local performance data from the Windows Performance Monitor.
Windows Event Source Custom Channels
Find Windows event channels to collect with a Local Windows Event Source.
Local Windows Performance Monitor Log Source
Collect local performance data from the Windows Performance Monitor.
Streaming Metrics Source
Add a streaming metrics source to collect Graphite, Carbon 2.0, or Prometheus metrics.
Syslog Source
Obtain syslog messages by listening on a designated port.
Define Boundary Regex for Multiline Messages
Detect when a log message spans multiple lines and then index it as a single message.
Preconfigure a Machine to Collect Remote Windows Events
Configure a system for remote access by a Remote Windows Event Log Source.
Preconfigure a Machine to Collect Remote Windows Performance Monitoring Logs
Collect log messages remotely from where a collector is installed.
Windows Active Directory Inventory Source
Collect inventory data from Active Directory Database.
Remote Windows Event Log Source
Collect Windows event log entries from multiple remote systems.
Remote Windows Performance Monitor Log Source
Collect remote performance data from the Windows Performance Monitor.
Script Action
This Script Action passes the results of a scheduled search to a script or program that runs on a machine.