Promtail on Windows Server 2019

Grafana Loki
1

Hi,

I’m using grafana 8.3.3 on a CentOS 8 with a loki version 2.4.1 and a promtail version 2.4.1 on linux without any problem.
But now I try to monitor the logs of a Windows-Server. This is my config:

server:
http_listen_port: 9080
grpc_listen_port: 0

positions:
filename: ./positions.yaml

clients:

scrape_configs:

  • job_name: windows
    windows_events:
    use_incoming_timestamp: false
    bookmark_path: “./bookmark.xml”
    eventlog_name: “System”
    xpath_query: ‘*’
    labels:
    job: HNCHHS64
    relabel_configs:
    • source_labels: [‘computer’]
      target_label: ‘host’

I would like to not only monitor the system-log, but also the application-log and security log. When I set the eventlog_name to:

eventlog_name: “”

I get an error:
level=error ts=2022-01-13T15:04:13.6931226Z caller=main.go:115 msg=“error creating promtail” error=“failed to make windows target manager: error subscribing to windows events: Der angegebene Kanal ist ungültig.”

“Der angegebene Kanal ist ungültig” = “the channel is wrong”

How can I monitor more than one channel on a windows server ?

Any suggestions are welcome

Best regards

fatcharly

2

I changed the product from promtail to fluent-bit, this works with no problem with loki.

3

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.