diff --git a/config/uberAgent-ESA-eventlog-windows.conf b/config/uberAgent-ESA-eventlog-windows.conf
new file mode 100644
index 00000000..4fafcddb
--- /dev/null
+++ b/config/uberAgent-ESA-eventlog-windows.conf
@@ -0,0 +1,34 @@
+############################################
+#
+# uberAgent ESA Event Log configuration
+#
+# Uncomment the examples below or create your own configuration.
+#
+############################################
+
+# # Collect Information events from the Security log as soon as they occur. Collecting on demand can be resource intensive.
+# [EventLog Name=OnDemand-Security-Events]
+# EventLog = Security
+# LevelName=Information
+
+# # Timer based collection of Error and Warning events from the Application and System log
+# [Timer]
+# Name = Eventlog
+# EventLog=TimerBased-Application-Errors-Warnings, TimerBased-System-Errors-Warnings
+# Interval=60000
+
+# [EventLog Name=TimerBased-Application-Errors-Warnings]
+# EventLog = Application
+# LevelName=Error,Warning
+
+# [EventLog Name=TimerBased-System-Errors-Warnings]
+# EventLog = System
+# LevelName=Error,Warning
+
+# # Collect Information events from the provider "Windows Error Reporting" in the Application Log that have a BucketType of 5
+# [EventLog Name=OnDemand-WER-Events]
+# EventLog = Application
+# Provider=Windows Error Reporting
+# EventFilterXPath=*[EventData[Data[@Name='BucketType']=5]]
+# EventID=1000,1001
+# LevelName=Information
diff --git a/config/uberAgent-ESA-eventlog.conf b/config/uberAgent-ESA-eventlog.conf
new file mode 100644
index 00000000..796a1879
--- /dev/null
+++ b/config/uberAgent-ESA-eventlog.conf
@@ -0,0 +1,2 @@
+# Event log configuration
+@ConfigInclude uberAgent-ESA-eventlog-windows.conf platform=Windows
diff --git a/config/uberAgent-ESA.conf b/config/uberAgent-ESA.conf
index eac198f5..cf13333d 100644
--- a/config/uberAgent-ESA.conf
+++ b/config/uberAgent-ESA.conf
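Review bot: The OnDemand-Security-Events example filters the Security log by `LevelName=Information` alone, with no `Provider`, `EventID` or `EventFilterXPath`, so anyone who uncomments it as written forwards every Information-level Security event, which is exactly the expensive case the comment above it warns about. Consider narrowing the example the way the WER block does, e.g. a `# EventID=<placeholder: ids this example is meant to capture>` line plus a comment naming the intended events, or at least extending the warning to say the filter should be narrowed before enabling. The examples also mix `key = value` (`EventLog = Security`, `Name = Eventlog`) with `key=value` (`LevelName=Information`, `Interval=60000`) in the same file; pick one spacing throughout. `Interval=60000` carries no unit; it reads as milliseconds given the value, but a comment such as `# Interval in milliseconds — confirm against the uberAgent documentation` above it would remove the guess.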
@@ -40,4 +40,7 @@ # vast limits Security & Compliance Inventory checks @ConfigInclude uberAgent-ESA-si-vastlimits-windows.conf platform=Windows
-@ConfigInclude uberAgent-ESA-si-vastlimits-macos.conf platform=macOS
\ No newline at end of file
+@ConfigInclude uberAgent-ESA-si-vastlimits-macos.conf platform=macOS
+
+# Event log configuration
+@ConfigInclude uberAgent-ESA-eventlog.conf
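Review bot: The new `@ConfigInclude uberAgent-ESA-eventlog.conf` is the only include in this hunk without a `platform=` qualifier, while the vastlimits lines next to it carry `platform=Windows` and `platform=macOS`. The platform gate actually lives in the included uberAgent-ESA-eventlog.conf added earlier in this diff (its own include is tagged `platform=Windows`), but a reader of this file alone cannot tell that and may assume event log collection is enabled on every platform. A one-line comment would make it explicit, e.g. `# Event log configuration (platform selection happens inside the included file)`.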