January 24, 2025
Using OpenTelemetry
How it works
Send Windows event logs and other observability data to an OpenTelemetry backend using the OpenTelemetry Collector.
Prepare your backend
I used a free-tier honeycomb.io cloud service. You will need to get your API key from here.
Install collector
- download
  - https://github.com/open-telemetry/opentelemetry-collector-releases/releases
  - use a contrib package (it contains the event log receiver), e.g. otelcol-contrib_0.118.0_windows_x64.msi
- configure
  - configuration is done with a config.yaml file
  - define at least one receiver and the otlp exporter, then bind them together in a pipeline under the service section
  - test it with '.\otelcol-contrib.exe --config config.yaml'
  - later on, run it as a service (created during install).
receivers:
  windowseventlog/application:
    channel: Application
    start_at: end
  windowseventlog/system:
    channel: System
  # Defined here but not listed in the logs pipeline below, so it is not collected
  windowseventlog/security:
    channel: Security
  # Collect own metrics
  prometheus:
    config:
      scrape_configs:
        - job_name: 'otel-collector'
          scrape_interval: 10s
          static_configs:
            - targets: ['0.0.0.0:8888']
processors:
  batch:
exporters:
  debug:
    verbosity: detailed # Outputs full telemetry data for debugging
  otlp:
    endpoint: "https://api.honeycomb.io:443"
    headers:
      x-honeycomb-team: "***put in your own key***" # Honeycomb API Key
      x-honeycomb-dataset: "ws-surface" # Honeycomb dataset
service:
  pipelines:
    logs:
      receivers:
        - windowseventlog/application
        - windowseventlog/system
      processors: [batch]
      exporters: [debug, otlp]
    metrics:
      receivers: [prometheus]
      processors: [batch]
      exporters: [debug, otlp]
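
A variant of the configuration above for the later run as a service, as an added example that is not part of the original post: the API key is read from an environment variable instead of being written into config.yaml, the Security channel is listed in the logs pipeline, and the detailed debug exporter is left out. The variable name HONEYCOMB_API_KEY is an assumption; the endpoint and dataset are the ones used above.

```yaml
# Added example; HONEYCOMB_API_KEY is an assumed variable name.
receivers:
  windowseventlog/application:
    channel: Application
    start_at: end
  windowseventlog/system:
    channel: System
    start_at: end
  windowseventlog/security:
    # The collector's account must be allowed to read the Security log.
    channel: Security
    start_at: end

processors:
  batch:

exporters:
  otlp:
    endpoint: "https://api.honeycomb.io:443"
    headers:
      # Resolved from the environment at startup; the key never sits in the file.
      x-honeycomb-team: "${env:HONEYCOMB_API_KEY}"
      x-honeycomb-dataset: "ws-surface"

service:
  pipelines:
    logs:
      # A receiver is only started when a pipeline lists it.
      receivers:
        - windowseventlog/application
        - windowseventlog/system
        - windowseventlog/security
      processors: [batch]
      exporters: [otlp]
```

The variable has to be set in the environment of the process that starts the collector, which for the service is not the interactive shell used for testing.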