Windows
Synopsis
Creates a device collector that connects to Windows servers via WinRM to deploy and run the VirtualMetric Agent. Supports local and Active Directory authentication.
To collect logs from arbitrary files on a Windows host (IIS logs, application logs, SQL Server error logs, etc.), see File Log Datasets.
For cluster-aware Windows scenarios, the device type windows_cluster is also registered and delegates to the same deployment flow as windows. Use it when the GUI exposes a cluster-specific workflow; configuration semantics are otherwise identical to this page.
Schema
```yaml
- id: <numeric>
  name: <string>
  description: <string>
  type: windows
  tags: <string[]>
  pipelines: <pipeline[]>
  status: <boolean>
  properties:
    address: <string>
    port: <numeric>
    username: <string>
    password: <string>
    active_directory: <boolean>
    type: <string>
    timeout: <numeric>
```
Configuration
Device
| Field | Required | Default | Description |
|---|---|---|---|
| id | Y | - | Unique numeric identifier |
| name | Y | - | Device name |
| description | N | - | Optional description |
| type | Y | - | Must be windows |
| tags | N | - | Optional tags |
| pipelines | N | - | Optional pre-processor pipelines |
| status | N | true | Enable/disable the device |
Connection
| Field | Required | Default | Description |
|---|---|---|---|
| address | Y | - | Target server address |
| port | N | 5985 | WinRM port number (5985 for HTTP, 5986 for HTTPS) |
| username | N | - | WinRM username; for AD authentication use DOMAIN\\username or username@domain.local format (resolvable via ${ENV_VAR} or $secret{...}) |
| password | N | - | WinRM password (resolvable via ${ENV_VAR} or $secret{...}) |
| active_directory | N | false | When true, authenticates against Active Directory; when false, uses local Windows authentication |
| type | N | "agentless" | Deployment mode selector under `properties:` (distinct from the top-level `type: windows` field). Values: `agent` or `agentless` |
Performance
| Field | Required | Default | Description |
|---|---|---|---|
| timeout | N | 60 | WinRM connection timeout in seconds |
Examples
Local Authentication
Connecting with local Windows credentials...
Active Directory Authentication
Authenticating against AD with domain-qualified username...
The user account must have appropriate permissions to deploy the Agent and read the targeted log sources.
Custom Port (HTTPS)
Connecting over HTTPS WinRM (TLS-enabled listener)...
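An added example, not taken from the original page or the product's own documentation: two device entries following the schema above, contrasting a plain-HTTP listener with a literal password against a TLS listener with an AD account and credentials resolved from environment variables. The ids, names, address, tag and the variable names WINRM_USERNAME and WINRM_PASSWORD are assumptions.

```yaml
# Added example. All ids, names, addresses and variable names are constructed.

# Weaker entry: default HTTP listener (5985, no TLS) and a literal
# password stored in the configuration file.
- id: 1
  name: win_http_local
  type: windows
  properties:
    address: 192.0.2.10
    port: 5985
    username: Administrator
    password: "placeholder-literal-password"
    type: agentless

# Preferred entry: TLS-enabled listener (5986), Active Directory account,
# and credentials resolved at load time from environment variables.
- id: 2
  name: win_https_ad
  description: Windows collector over WinRM HTTPS
  type: windows
  tags:
    - windows
  status: true
  properties:
    address: 192.0.2.10
    port: 5986
    # WINRM_USERNAME must hold a domain-qualified name,
    # in DOMAIN\username or username@domain.local form.
    username: "${WINRM_USERNAME}"
    password: "${WINRM_PASSWORD}"
    active_directory: true
    type: agentless
    timeout: 60
```

The second entry keeps the secret out of the file and out of version control, and the account behind WINRM_USERNAME should be scoped to the permissions needed for Agent deployment and log reading.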
When multiple Windows collectors are deployed, the server adds a random delay (up to 20 seconds) before initiating the collection to help prevent overwhelming the target server.