Looking for a comprehensive log aggregation monitor for a small Windows domain

Use scripts to filter the logs and put the output into a file that is somewhat small and readable. Powershell has commands for that (get-wineventlog). An old batch tool that you can still download is eventcomb.exe (from microsoft).
And there is also this:  https://blogs.technet.microsoft.com/otto/2008/07/08/quick-and-dirty-large-scale-eventing-for-windows/

Take a read on this article;
https://www.experts-exchange.com/articles/31784/How-to-Safely-Audit-Active-Directory-with-Free-Tools.html

Sorry, small correction on the powershell command: it is get-winevent

There are several solutions you can use but it all depends on how indepth you want your monitoring to be.

This is the solution, I think would work best for you at the moment. It has a straight forward discovery, installation, and monitoring engine.

https://www.manageengine.com/network-monitoring/server-monitoring.html?msclkid=2bb5a40c0c191a26b863feb799c2afbe&utm_source=bing&utm_medium=cpc&utm_campaign=OpManager%20-%20Core&utm_term=server%20monitoring&utm_content=Server%20Monitoring

i use splunk light as log aggregator within small lans.

I haven't dropped the question, I'm just taking my time to analyze the suggestions. So far I like the cost of PowerShell and know how to utilize it. I just know it's easy to get caught in the rabbit hole, digging deeper and deeper without finding an acceptable output I want. The Splunk Light looks nice, but when compared to EventSentry it doesn't even compare. My only issue with the EventSentry is the cost. Might be a tough sell on C-types for an event system, even though the capability can replace other products I subscribe to.

I completely understand regarding PowerShell, and if you can create the report(s) that you need with it, then by all means I would go that route. But like you said, it's a potential time sink. It probably depends on whether you'll have a use for all the functionality EventSentry has included. If you do then it probably makes sense to take a closer look at it.

EventSentry's pricing is pretty fair IMHO, but that obviously depends on how much of it you'll be utilize, and what your budget looks like. If you already have similar products then why don't you ask them for competitive upgrades? I know that some vendors offer decent discounts if you switch from a competitive product. I don't know if they do, but it's worth a shot I think.

NetCrunch can handle that for you, completely remotely and without any agents. This might be the most pain-free way to do it, especially when you have several machines to monitor. Here's a KB on that: https://www.adremsoft.com/blog/view/blog/7483494443299/monitoring-text-log-files-with-netcrunch , https://www.adremsoft.com/adoc/view/netcrunch/5998261774627/monitoring-text-logs

I didn't get to fully invest my research into the solutions, especially Mariusz J.'s recommendation. Thanks everyone for your input. I gave Peter Saraby the credit because if I can wrangle his solution into the budget, that definitely they way I want to go. The Event Sentry product looks extremely comprehensive. Again, thank you everyone.

Glad you found your answer!

May I ask why the free and built-in way that Microsoft has documented step by step is not suitable?

McKnife, as I mentioned in my closing statement, I love working with PowerShell; but I find that it can easily be overwhelming, especially when aggregating data. While I only have 12 servers, I can easily get overwhelmed sifting through the amount of data that is presented from them, half of which can be ignored. Again, thanks for your input, I just decided to go a different direction.

No powershell required. Please scroll again through my link https://blogs.technet.microsoft.com/otto/2008/07/08/quick-and-dirty-large-scale-eventing-for-windows/ - not a single line of powershell.
It is an understandable tutorial about the free, built-in way to collect events centrally.