Is there a free Windows-based Log manager that can be installed on a Windows Workstation that allows me to pull all the logs from Windows workstations/servers?

The idea is to monitor events across the company and 5 remote sites, and once the resolution is verified, apply the fix on the affected machines using our in-house RMM.

Posted by sohil2 (https://community.spiceworks.com/u/sohil2), 2025-07-17. 10 upvotes, 8 answers. https://community.spiceworks.com/t/event-log-management/1224722/1

Check out Sysinternals, there are multiple options.

Posted by Jay-Updegrove (https://community.spiceworks.com/u/Jay-Updegrove), 2025-07-17. 3 upvotes. https://community.spiceworks.com/t/event-log-management/1224722/2

This is sort of built into Windows. It takes some setup, and I’ve never used it on client machines, only servers, but most RMM tools also have built-in utilities for grabbing event logs as well.

If you haven’t gone down this particular rabbit hole, this page and this page might be useful. The first link is specifically about setting up event collection, and the second is more general information about the Windows Event Collector and links out to more specifics.

Posted by Josh-J-Spiceworks (https://community.spiceworks.com/u/Josh-J-Spiceworks), 2025-07-17. 2 upvotes. https://community.spiceworks.com/t/event-log-management/1224722/3

Josh,

Thanks for the tip. I have used Sysinternals for quite some time. I don’t recall any utility Mark published that would aggregate events from all the machines. I don’t recall the name of the open source software I discovered about 2016ish; it was a scheduled ‘pull’ method to go to the machines and get the logs. It used AD authentication to pull logs from devices and aggregate the events in its own database. Once I found a resolution to an event, and resolved it, I would refer back to the software to determine which machine had the event.

For example, if 12 PCs had lost secure connection to the domain, I had the ability to find out which 12 domain PCs had the issue and needed to be re-joined to the domain.

Posted by sohil2 (https://community.spiceworks.com/u/sohil2), 2025-07-17. 2 upvotes. https://community.spiceworks.com/t/event-log-management/1224722/4

Check out ELK Stack (Elasticsearch, Logstash, Kibana); it’s a game-changer for managing logs across a diverse environment.

Elasticsearch makes it insanely fast to search through millions of logs, whether it’s a failed login, a service crash, or a weird network spike.

Kibana lets you build dashboards that actually make sense to non-IT folks. You get real-time views of system health, login trends, system logs, etc.

Logstash (or Beats) can ingest logs from just about anything—Windows, Linux, firewalls, apps, you name it.

Everything lands in one place. No more RDPing into 10 servers to check logs. It’s all searchable, filterable, and alertable. Plus, it’s open source and scalable. It has made my life a lot easier.
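
The scheduled "pull" approach sohil2 describes earlier in the thread (query each machine with domain credentials, then list which hosts logged a given event), shown in PowerShell as an added example that is not part of the thread or of any tool named in it. The host list file `computers.txt`, the output file name, and the parameter names are assumptions; the event ID is supplied by the caller.

```powershell
# Added example: pull one event ID from many machines and list the affected hosts.
# Assumptions: the account running this can read remote event logs (domain
# authentication), remote event log access is permitted by the host firewalls,
# and computers.txt (hypothetical file) holds one hostname per line.
param(
    [Parameter(Mandatory)][int]$EventId,
    [string[]]$ComputerName = (Get-Content -Path '.\computers.txt'),
    [string]$LogName = 'System',
    [int]$Days = 7,
    [string]$OutFile = '.\event-hits.csv'
)

# Filtering on the remote side keeps the transfer small compared with
# pulling whole logs and filtering locally.
$filter = @{
    LogName   = $LogName
    Id        = $EventId
    StartTime = (Get-Date).AddDays(-$Days)
}

$results = foreach ($computer in $ComputerName) {
    try {
        Get-WinEvent -ComputerName $computer -FilterHashtable $filter -ErrorAction Stop |
            Select-Object @{ n = 'Computer'; e = { $computer } },
                          TimeCreated, Id, ProviderName,
                          @{ n = 'Message'; e = { ($_.Message -split "`r?`n")[0] } }
    }
    catch {
        # Get-WinEvent raises an error when nothing matches; that is a clean host,
        # not a failure, so skip it without recording an error row.
        if ($_.FullyQualifiedErrorId -like 'NoMatchingEventsFound*') { continue }

        # Anything else (offline, access denied, RPC blocked) is recorded so that
        # unreachable machines are not mistaken for unaffected ones.
        [pscustomobject]@{
            Computer     = $computer
            TimeCreated  = $null
            Id           = $null
            ProviderName = 'QUERY-ERROR'
            Message      = $_.Exception.Message
        }
    }
}

# Full detail for later reference, then a per-host hit count on screen.
$results | Export-Csv -Path $OutFile -NoTypeInformation
$results | Where-Object Id |
    Group-Object Computer |
    Sort-Object Count -Descending |
    Select-Object Name, Count
```

Rows with `QUERY-ERROR` as the provider mark machines that could not be queried, which matters when the resulting host list is handed to an RMM tool for remediation.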