Sample nxlog.conf for sending Windows Events to Graylog
Splitting outputs for Sysmon Events from Windows Events in nxlog
Modify nxlog.conf for your environment and copy it to the \conf folder under the nxlog installation path
nxlog.conf => prepared for Graylog and GELF
nxlog2syslog => prepared for sending to syslog in Snare forward for FortiGate SIEM
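
The split described above, written out as an added example; it is not the nxlog.conf from this repository. The install path, the Graylog address 192.0.2.10, the ports 12201 and 12202, and all input, output and route names are assumptions to replace with your own.

```conf
# Added example (constructed values): one route per event source
define ROOT C:\Program Files (x86)\nxlog
Moduledir %ROOT%\modules
CacheDir  %ROOT%\data
Pidfile   %ROOT%\data\nxlog.pid
SpoolDir  %ROOT%\data
LogFile   %ROOT%\data\nxlog.log

<Extension gelf>
    Module xm_gelf
</Extension>

# Classic Windows channels only, so Sysmon is not collected twice
<Input in_windows>
    Module im_msvistalog
    <QueryXML>
        <QueryList><Query Id="0">
            <Select Path="Application">*</Select>
            <Select Path="System">*</Select>
            <Select Path="Security">*</Select>
        </Query></QueryList>
    </QueryXML>
</Input>

# Sysmon writes to its own channel; read it with a separate input
<Input in_sysmon>
    Module im_msvistalog
    Query <QueryList><Query Id="0"><Select Path="Microsoft-Windows-Sysmon/Operational">*</Select></Query></QueryList>
</Input>

# Two GELF outputs: host and ports are placeholders
<Output out_windows>
    Module     om_udp
    Host       192.0.2.10
    Port       12201
    OutputType GELF
</Output>
<Output out_sysmon>
    Module     om_udp
    Host       192.0.2.10
    Port       12202
    OutputType GELF
</Output>
<Route windows_to_graylog>
    Path in_windows => out_windows
</Route>
<Route sysmon_to_graylog>
    Path in_sysmon => out_sysmon
</Route>
```

Graylog needs one GELF UDP input listening on each port used here, which lets Sysmon events be routed to their own stream and extractors.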
https://github.com/reighnman/Graylog_Content_Pack_WinDNS
https://github.com/ion-storm/sysmon-config
https://2code-monte.co.uk/2018/04/29/enable-windows-firewall-logging/