diff --git a/.chloggen/wel-supress-rendering-info.yaml b/.chloggen/wel-supress-rendering-info.yaml
new file mode 100644
index 0000000000000..9443c9b92d82b
--- /dev/null
+++ b/.chloggen/wel-supress-rendering-info.yaml
@@ -0,0 +1,29 @@
+# Use this changelog template to create an entry for release notes.
+
+# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix'
+change_type: 'enhancement'
+
+# The name of the component, or a single word describing the area of concern, (e.g. filelogreceiver)
+component: windowseventlogreceiver
+
+# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`).
+note: Add 'suppress_rendering_info' option.
+
+# Mandatory: One or more tracking issues related to the change. You can use the PR number here if no issue exists.
+issues: [34720]
+
+# (Optional) One or more lines of additional information to render under the primary note.
+# These lines will be padded with 2 spaces and then inserted directly into the document.
+# Use pipe (|) for multiline entries.
+subtext: |
+ When this flag is enabled, the receiver will not attempt to resolve rendering info. This can improve performance
+ but comes at a cost of losing some details in the event log.
+
+# If your change doesn't affect end users or the exported elements of any package,
+# you should instead start your pull request title with [chore] or use the "Skip Changelog" label.
+# Optional: The change log or logs in which this entry should be included.
+# e.g. '[user]' or '[user, api]'
+# Include 'user' if the change is relevant to end users.
+# Include 'api' if there is a change to a library API.
+# Default: '[user]'
+change_logs: []
diff --git a/.chloggen/wel-supress-rendering-info2.yaml b/.chloggen/wel-supress-rendering-info2.yaml
new file mode 100644
index 0000000000000..4a645ac07e6f8
--- /dev/null
+++ b/.chloggen/wel-supress-rendering-info2.yaml
@@ -0,0 +1,33 @@
+# Use this changelog template to create an entry for release notes.
+
+# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix'
+change_type: 'breaking'
+
+# The name of the component, or a single word describing the area of concern, (e.g. filelogreceiver)
+component: windowseventlogreceiver
+
+# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`).
+note: The 'raw' flag no longer supresses rendering info.
+
+# Mandatory: One or more tracking issues related to the change. You can use the PR number here if no issue exists.
+issues: [34720]
+
+# (Optional) One or more lines of additional information to render under the primary note.
+# These lines will be padded with 2 spaces and then inserted directly into the document.
+# Use pipe (|) for multiline entries.
+subtext: |
+ Previously, this flag controlled two behaviors simultaneously:
+ 1. Whether or not the body of the log record was an xml string or structured object.
+ 2. Whether or not rendering info was resolved.
+ A separate 'suppress_rendering_info' option now controls rendering info resolution.
+ This is considered a breaking change because users setting only the 'raw' flag without also setting the
+ new 'suppress_rendering_info' flag may see a performance decrease along with more detailed events.
+
+# If your change doesn't affect end users or the exported elements of any package,
+# you should instead start your pull request title with [chore] or use the "Skip Changelog" label.
+# Optional: The change log or logs in which this entry should be included.
+# e.g. '[user]' or '[user, api]'
+# Include 'user' if the change is relevant to end users.
+# Include 'api' if there is a change to a library API.
+# Default: '[user]'
+change_logs: []
diff --git a/.chloggen/wel-supress-rendering-info3.yaml b/.chloggen/wel-supress-rendering-info3.yaml
new file mode 100644
index 0000000000000..943f702a806f1
--- /dev/null
+++ b/.chloggen/wel-supress-rendering-info3.yaml
@@ -0,0 +1,27 @@
+# Use this changelog template to create an entry for release notes.
+
+# One of 'breaking', 'deprecation', 'new_component', 'enhancement', 'bug_fix'
+change_type: 'enhancement'
+
+# The name of the component, or a single word describing the area of concern, (e.g. filelogreceiver)
+component: windowseventlogreceiver
+
+# A brief description of the change. Surround your text with quotes ("") if it needs to start with a backtick (`).
+note: Move artificial "remote_server" field to 'attributes["server.address"]'.
+
+# Mandatory: One or more tracking issues related to the change. You can use the PR number here if no issue exists.
+issues: [34720]
+
+# (Optional) One or more lines of additional information to render under the primary note.
+# These lines will be padded with 2 spaces and then inserted directly into the document.
+# Use pipe (|) for multiline entries.
+subtext:
+
+# If your change doesn't affect end users or the exported elements of any package,
+# you should instead start your pull request title with [chore] or use the "Skip Changelog" label.
+# Optional: The change log or logs in which this entry should be included.
+# e.g. '[user]' or '[user, api]'
+# Include 'user' if the change is relevant to end users.
+# Include 'api' if there is a change to a library API.
+# Default: '[user]'
+change_logs: []
diff --git a/pkg/stanza/operator/input/windows/event.go b/pkg/stanza/operator/input/windows/event.go
index 60508a09c79c9..8cce680fc7db6 100644
--- a/pkg/stanza/operator/input/windows/event.go
+++ b/pkg/stanza/operator/input/windows/event.go
@@ -88,10 +88,6 @@ func (e *Event) RenderSimple(buffer Buffer) (*EventXML, error) { bufferUsed, err := evtRender(0, e.handle, EvtRenderEventXML, buffer.SizeBytes(), buffer.FirstByte()) if err != nil { if errors.Is(err, ErrorInsufficientBuffer) { - // If the bufferUsed is 0 return an error as we don't want to make a recursive call with no buffer - if *bufferUsed == 0 { - return nil, errUnknownNextFrame - } buffer.UpdateSizeBytes(*bufferUsed) return e.RenderSimple(buffer) } @@ -115,11 +111,6 @@ func (e *Event) RenderDeep(buffer Buffer, publisher Publisher) (*EventXML, error bufferUsed, err := evtFormatMessage(publisher.handle, e.handle, 0, 0, 0, EvtFormatMessageXML, buffer.SizeWide(), buffer.FirstByte()) if err != nil { if errors.Is(err, ErrorInsufficientBuffer) { - // If the bufferUsed is 0 return an error as we don't want to make a recursive call with no buffer - if *bufferUsed == 0 { - return nil, errUnknownNextFrame - } - buffer.UpdateSizeWide(*bufferUsed) return e.RenderDeep(buffer, publisher) } diff --git a/pkg/stanza/operator/input/windows/input.go b/pkg/stanza/operator/input/windows/input.go index a9ecb20652ea0..7144d4d7a3ef9 100644 --- a/pkg/stanza/operator/input/windows/input.go +++ b/pkg/stanza/operator/input/windows/input.go @@ -301,7 +301,7 @@ func (i *Input) sendEvent(ctx context.Context, eventXML *EventXML) { e.Severity = parseSeverity(eventXML.RenderedLevel, eventXML.Level) if i.remote.Server != "" { - e.Attributes["remote_server"] = i.remote.Server + e.Attributes["server.address"] = i.remote.Server } _ = i.Write(ctx, e) diff --git a/pkg/stanza/operator/input/windows/xml.go b/pkg/stanza/operator/input/windows/xml.go index f1a31882e3805..18cfc65a0ccb5 100644 --- a/pkg/stanza/operator/input/windows/xml.go +++ b/pkg/stanza/operator/input/windows/xml.go 
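Review bot: With the `*bufferUsed == 0` guard gone from the ErrorInsufficientBuffer branch of RenderSimple, nothing visible in the hunk bounds the recursive `e.RenderSimple(buffer)` call; the removed comment says the guard existed precisely to avoid recursing with no buffer, and the RenderDeep hunk that follows drops the same guard. If the render call keeps reporting an insufficient buffer with a zero size, the receiver would presumably recurse until the stack is exhausted and crash the collector instead of returning an error for that one event. I would keep the check, `if *bufferUsed == 0 { return nil, errUnknownNextFrame }`, or replace the recursion with a bounded retry, and have the comment state the failure mode it prevents. Both function bodies continue outside their hunks, so any bound applied elsewhere is not visible here.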
@@ -251,11 +251,11 @@ func (e Execution) asMap() map[string]any { } // unmarshalEventXML will unmarshal EventXML from xml bytes. -func unmarshalEventXML(bytes []byte) (EventXML, error) { +func unmarshalEventXML(bytes []byte) (*EventXML, error) { var eventXML EventXML if err := xml.Unmarshal(bytes, &eventXML); err != nil { - return EventXML{}, fmt.Errorf("failed to unmarshal xml bytes into event: %w (%s)", err, string(bytes)) + return nil, fmt.Errorf("failed to unmarshal xml bytes into event: %w (%s)", err, string(bytes)) } eventXML.Original = string(bytes) - return eventXML, nil + return &eventXML, nil } diff --git a/receiver/windowseventlogreceiver/README.md b/receiver/windowseventlogreceiver/README.md index 861f1a5d1c31d..27f7f9ae7cbc3 100644 --- a/receiver/windowseventlogreceiver/README.md +++ b/receiver/windowseventlogreceiver/README.md @@ -34,7 +34,7 @@ Tails and parses logs from windows event log API using the [opentelemetry-log-co | `retry_on_failure.initial_interval` | `1 second` | Time to wait after the first failure before retrying. | | `retry_on_failure.max_interval` | `30 seconds` | Upper bound on retry backoff interval. Once this value is reached the delay between consecutive retries will remain constant at the specified value. | | `retry_on_failure.max_elapsed_time` | `5 minutes` | Maximum amount of time (including retries) spent trying to send a logs batch to a downstream consumer. Once this value is reached, the data is discarded. Retrying never stops if set to `0`. | -| remote | object | Remote configuration for connecting to a remote machine to collect logs. Includes server (the address of the remote server), with username, password, and optional domain. | +| `remote` | object | Remote configuration for connecting to a remote machine to collect logs. Includes server (the address of the remote server), with username, password, and optional domain. | ### Operators
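Review bot: The rewritten error return in unmarshalEventXML still formats the whole payload into the message through `string(bytes)`, so one malformed event copies its full XML into whatever sink records this error. Windows event XML can carry account names, command lines and similar data, and its size is not bounded here, so the collector's own log may end up holding content the pipeline would otherwise filter; where the error is logged is outside this hunk. I would report the size instead of the content, for example `return nil, fmt.Errorf("unmarshal event xml (%d bytes): %w", len(bytes), err)`, and add a comment noting that the raw event is deliberately left out of the error.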