Snare for Windows uses the 'NotifyChangeEventLog'
system call to monitor changes to the windows event logs.
Unfortunately, this system call is not guaranteed to
send a signal to the host program on every event - if
several events come through in close proximity, there
is a chance that Snare will not be notified, and
therefore the event will not be sent to the remote
server until a new event triggers the
It may be worth adding in a timer that polls each log
every (say) few minutes, to try and pick up these