Feature Request
With the recent introduction of syslog parsing and increased attention in the Log Analytics space, it would be nice to complement the syslog Telegraf input with a corresponding log input plugin for Windows. See also - https://community.influxdata.com/t/consuming-windows-event-log/5635
Proposal:
Telegraf Input plugin similar to the syslog input plugin, designed to feed from Windows Event Log (much like Elastic's Winlogbeat)
Current behavior:
n/a
Desired behavior:
Abstract log handling in Influx, with support for native sources from both Windows and Linux inputs. Specifically, an Event Log telegraf input to complement the syslog input.
Use case: [Why is this important (helps with prioritizing requests)]
My use case: I work for a software vendor looking to use Influx as a telemetry analytics component of an application monitoring platform to be deployed alongside our software installs. The application monitoring platform currently uses Elasticsearch & Beats for log analytics, but with the growth of Elastic metrics handling and Influx's log handling, we're considering unifying both needs on a single platform. It would be a huge reduction in effort for us to reduce our endpoint footprint from telegraf + 3 beats agents down to a single telegraf agent; and our server footprint from two database clusters (Influx and Elastic) to one InfluxDB cluster.
More generally, Influx is a cross-platform solution, but there doesn't seem to be much love for the Windows side in the new logging functionality. For those of us stuck monitoring endpoints in Windows land, it'd be nice to see the ecosystem continue to provide cross-platform feature parity.