
Windows Event Logs (IBM WinCollect)
IBM WinCollect is a Windows event log collection agent designed for IBM QRadar SIEM that efficiently collects, normalises, and forwards Windows Security, System, and Application event logs to centralised security monitoring platforms. It supports agentless and agent-based collection modes.
WinCollect enables ingestion of critical Windows security events including logon activities, privilege use, process creation, object access, and policy changes. When redirected to alternative SIEM/XDR platforms, the same rich Windows telemetry provides foundational visibility for detecting credential attacks, lateral movement, and insider threats.
Sophos Products: Sophos MDR/XDR Integrations
Partner Technology: Monitoring & Reporting
Solution Category: Sophos MDR/XDR Integrations
