In order to integrate Windows systems into a syslog environment, you need a service that reads out the Windows event log and sends this on via the syslog protocol to the central Syslog server. This task is performed by the freely available and easy-to-install evtsys tool (an abbreviation of the project name Eventlog to Syslog), from the homepage of the Engineering Computer Network of Purdue University^[281] The Web page provides two binary packages for download, one for 32-bit and one for 64-bit systems (evtsys_exe_32.zip or evtsys_exe_64.zip), along with the source code.

The files evtsys.exe and evtsys.dll contained in the package are copied to the subdirectory system32 of the system root of the Windows server ...