Snare provides front end filtering, remote control, and remote distribution for Windows Event Log data. Snare Agent interacts with the underlying Windows Eventlog subsystem to facilitate remote, real-time transfer of event log information; Log data is converted to text format, and delivered to a remote Snare Server, remote SIEM server or to a remote Syslog server with configurable and dynamic facility and priority settings. Capturing all windows event logs, from the Security, Application and System logs, as well as the DNS, File Replication Service, and Active Directory logs is possible.
Comments