Forward logs with Promtail to loki

Hello,

we have a Grafana (grafanatest) instance with Prometheus/Loki/Promtail running on a Windows Server 2019.

Now we want to forward Windows Eventlogs from a Remote Host (plswinsrv2012r2) to our Loki Server (grafanatest)

I’ve installed via nssm the promtail service on plswinsrv2012r2, because the promtail instance is a Server and Agent aswell. Where do i put the Destination-IP-adress in the config file to forward logs to the grafanatest Server.

Promtail-Windows.yaml (plswinsrv2012r2)

Preformatted textserver:
http_listen_port: 9080
grpc_listen_port: 0

clients:

scrape_configs:

  • job_name: windows
    windows_events:
    use_incoming_timestamp: false
    bookmark_path: “./bookmark.xml”
    eventlog_name: “Setup”
    xpath_query: ‘*’
    labels:
    job: windowsPreformatted text

Or should i configure the Target on the Grafanatest Server if yes, where should i type in the targetadress.

Promtail-Windows.yaml (plswinsrv2012r2)

Preformatted textserver:
http_listen_port: 9080
grpc_listen_port: 0

clients:

scrape_configs:

  • job_name: windows
    windows_events:
    use_incoming_timestamp: false
    bookmark_path: “./bookmark.xml”
    eventlog_name: “Security”
    xpath_query: ‘*’
    labels:
    job: windowsPreformatted text

KR
Alex

Solved.

For every category i needed one bookmark.xml