Starting with Windows Vista and Windows Server 2008, Microsoft introduced an event logging and tracing framework called Windows Eventing 6.0. This mechanism enables better organization of event data, which enables smarter searches for system events of interest. For more information on Windows Eventing, see the Microsoft Windows product documentation. Windows Eventing Collector Service utilizes Windows Eventing framework to collect events from Windows based event sources. The Windows Eventing Collector Service is capable of collecting events from Classic Windows event channels (Security, Application and System) as well as any new Eventing channels.
The new collector is available on SCOL as part of the August ESU.