Microsoft Windows includes different categories of logs (Security, System, or Application event logs) to record important software and hardware events, which you may want to correlate in USM Appliance. There are different ways to collect logs from Windows machines, AlienVault supports HIDS and NXLog. For HIDS instructions, including how to deploy HIDS agents, how to configure file integrity monitoring, as well as how to configure HIDS agent to read a log file on Windows, see AlienVault HIDS.
NXLog works similarly to syslog-ng or rsyslog but is not limited to UNIX/Linux systems. It supports multiple platforms including Microsoft Windows. USM Appliance has different NXLog plugins for different Microsoft and non-Microsoft products, for both the NXLog Community Edition and the NXLog Enterprise Edition. Click the corresponding link below for details.