WinCollect 101 - Select your WinCollect version

WinCollect 101 Administrators can use WinCollect to capture Windows-based events for QRadar SIEM administrators.

Find my Version

Select your version

WinCollect is a Syslog event forwarder that administrators can use to forward events from Windows logs to QRadar®. WinCollect can collect events from systems locally or be configured to remotely poll other Windows systems for events. WinCollect uses the Windows Event Log API to gather events, and then WinCollect sends the events to QRadar.

WinCollect 10

WinCollect 10 is a major new release for IBM® QRadar®. You can install WinCollect 10 as a stand-alone agent only. Click here to learn more.

Visit WinCollect 10

WinCollect 7

WinCollect 7 is the older version of the software. Click here to learn more

Visit WinCollect 7

Explore QRadar 101

QRadar home

Return to the QRadar 101 homepage

Applications

Learn about QRadar apps

Deploy changes

Learn about deploying changes to QRadar

Disk Space

Learn about managing QRadar disk space

Software

Download software for QRadar

Support Assistance

Read our support policies

Support tools

Browse CLI tools to help with troubleshooting

Technotes

Browse a directory of our technical notes

Installs and Upgrades

Learn about installing and upgrading QRadar

Known issues

See current and fixed issues with QRadar

“IBM prides itself on delivering world class software support with highly skilled, customer-focused people. ”

Return to 101 home

Contact Support

Find your regional support contact

Give Feedback